March 31, 2017 at 10:26 am
Not sure what "best practice" is, but we swapped windows defender out for a more enterprise ready antivirus and then set up ignore rules on the databases as those get a lot of writes and we don't want the antivirus scanning the database with every disk write.
That being said, I'd have an antivirus enabled on any internet enabled device. And windows defender is better than having no AV.
The above is all just my opinion on what you should do.
As with all advice you find on a random internet forum - you shouldn't blindly follow it. Always test on a test server to see if there is negative side effects before making changes to live!
I recommend you NEVER run "random code" you found online on any system you care about UNLESS you understand and can verify the code OR you don't care if the code trashes your system.
April 1, 2017 at 8:42 pm
I disable windows defender on my SQL boxes. If you must have an AV on a database box, I want one that is highly configurable and reliable. The second part of that equation is the difficult part. I don't believe defender to be reliable for a server yet, nor is it highly configurable.
I also prefer to have devices between the database servers and the internet that will help with that AV requirement.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
April 2, 2017 at 3:02 am
Another vote for disable and use something else, excluding SQL data/log/backup folders.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply