Malwarebytes on Server

jessepereboom

New Member
Reaction score
0
Location
Scandia, MN
Just wondering if anyone runs Malwarebytes on a Windows Server, or what recommendations of running a particular AV on a server. I currently have been using Avast, (Endpoint Protection Suite) which is fairly affordable. ($175 for 4 machines plus the server) We had to turn off the network scan as it was really slowing down the file transfer over the LAN.
 
I wouldn't run it on a server realtime. I'd run it as part of a disinfection if I had to but that's all.

To be honest I see little point in having it running on the server since the server should not be used to browse the web and MBAM seems designed for the sort of stuff you pick up off your browser. Not sure if you can do the correct exclusions can you? I don't know because it's not something I'd consider using.

Personally I use ESET - fileserver on fileservers or mail security on SBS and exchange boxes.

I'm not familiar with Avast server products so not sure what the "network scan" does exactly. Do you need that bit of it running?

There is an argument about the value of AV on file servers in that if it's just doing that then short of a network worm, it's very unlikely for the OS to get infected. Other than the OS your concern is infected files being held on it and therefore spreading from one PC to the next. But if you have client AV then that is covering that anyway. I feel more comfortable running AV but I cannot honestly remember the last time a server got infected.
 
On our servers at my day job the av we use is Symantec endpoint protection, but anyway, we can build our own installer packages. The installer we use for servers has only the av, no network monitoring etc. Would recommend not using much on servers.
 
Only time I've run MWB on a server is when it's a terminal server.
No other types of servers should hit the web really, so shouldn't be a need for it.

Very good idea to learn how to configure an AV product when installing them on servers. Such as domain controllers, exchange servers, etc. There are a crazy insane amount of "exclusions" to set, to keep the antivirus products nose out of certain directories, and file extensions.

an example.
http://www.technibble.com/forums/showthread.php?t=36936&highlight=antivirus+exclusions

Yes...some AV products will detect they're being installed on a server and automatically do "some" of the exclusions above, but I've never seen one do them all correctly. Lack of following the "best practices" listed above results in a poor performing server, and increases chances of corruption of DNS or DHCP tables or worse.
 
I'm not sure in all av, but like I said nice thing on Symantec is you build install packages with the options you want them you can assign them to a group of systems.
 
I'm not sure in all av, but like I said nice thing on Symantec is you build install packages with the options you want them you can assign them to a group of systems.

Yes just about every brand that makes managed business AV (which is most of them) has those features....to create templates you can apply for custom settings.

...of course, servers can vary substantially "per client"..especially when it comes to the data partition. A template is easy enough to whip up to cover the %system% volume, but the data volume will likely be unique per client and need custom exclusions there.
 
Good deal. It seems like Symantec once told me for servers they recommend using only the AV component without the network monitoring etc.
 
Good deal. It seems like Symantec once told me for servers they recommend using only the AV component without the network monitoring etc.

Agreed...having a 3rd party software firewall just adds to complication, and overhead on the servers TCP stack...things that you don't want.

We don't even like 3rd party software firewalls on clients...and never install it on a server.
 
Back
Top