Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Failover Engine (FoE) > FoE interoperability with antivirus scanners

FoE interoperability with antivirus scanners

Table of contents
Created by Michael Perez, last modified by MindTouch on Jun 23, 2016

Views: 11 Votes: 1 Revisions: 4

Overview

This article provides general information about interoperability with antivirus scanners. In general, SolarWinds recommends, where possible, using one of the supported  antivirus products. If using an unsupported antivirus product, the general advice below should be followed. However, SolarWinds may be unable to resolve support calls arising out of an interaction with such products.

Environment

All Orion Failover Engine versions

Detail

Consult and implement the antivirus manufacturer’s advice, as SolarWinds guidelines will often follow these recommendations.

General Principles

  1. File level antivirus should not be used to protect application server databases such as the Microsoft SQL Server. The nature of database contents can cause false positives in virus detection leading to database application failures and data integrity errors. Performance will also be affected. 
  2. SolarWinds recommends that when implementing Orion Failover Engine, file  level antivirus temp files should not be replicated by Orion Failover Engine. Generally, your file replication application should be configured to avoid replicating any and all antivirus files.
  3. The file level antivirus software running on the primary server must be the same as the software that runs on the secondary server. In addition, the same  file level antivirus must run during both active and passive roles.
  4. The file level antivirus should be configured to use the public, management IP address on the passive server for virus definition updates. If this is not possible, it may be necessary to update virus definitions manually on the passive server.
  5. After installation of Orion Failover Engine, any changes made to the configuration of file level scanning on the active server must be repeated manually on the passive server.
  6. The following Orion Failover Engine directories (C:\Program Files\SolarWinds\FoE\ is the default installation directory) must be excluded from File Level Anti-Virus Scans:
    • C:\Program Files\SolarWinds\FoE\R2\logs
    • C:\Program Files\SolarWinds\FoE\R2\log
    • C:\Program Files\SolarWinds\FoE\R2\FSMTemp
      Note: This directory and its contents are deleted by the File State Manager when not in use.

 

Last modified
19:28, 22 Jun 2016

Tags

Classifications

Public