Práticas Recomendados Performance TrendMicro

12 de junho de 2012 Outros No comments

Problem Description

The Worry-Free Business Security (WFBS) Agent’s antivirus and anti-spyware real-time scan scans files for malicious code as they are accessed or created.
 
When some programs create or modify files rapidly, the Security Agent may use a lot of resource verifying the legitimacy of all file accesses. With the current default settings, the Security Agent will exclude the folders frequently modified by these programs:
 
Worry-Free Business Security Server
Microsoft Exchange 2000/2003/2007/2010
Active Directory Domain Services (Windows Server Role)
 
Note: These settings can be modified  in the Security Server’s web console, under the Preferences > Global Settings > Desktop/Server section.
 
Some programs or operating system features do not have default options in WFBS to exclude folders and files from real-time scan. If you encounter performance issues running one of these programs, you can modify the Security Settings in the Security Server’s web console.
 
Important: These security settings will reduce the protection on your computer. For publicly available servers, please review these settings and the nature of the services before applying these settings.

Solution

To resolve the issue, please do the following:
 
1. Log on to the WFBS console.
   
2. Go to Security Settings > Group > Configure.
   
3. Check if you have the following programs and then exclude the specified folders, files, or extensions:
   
  Outlook:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions:
     
    o .PST
     
  Windows Update Store:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Windows\SoftwareDistribution\Datastore
     
  Windows Software Update Services (WSUS) Server:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o <WSUS storage driver letter>:\MSSQL$WSUS
       
    o <WSUS storage driver letter>:\WSUS
       
    o <WSUS storage driver letter>:\WsusDatabase
     
  DHCP Server (Windows Server Role):
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Windows\system32\dhcp
     
  DNS Server (Windows Server Role):
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Windows\system32\dns
     
  WINS Server (Windows Server Role):
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Windows\system32\wins
     
  Print and Document Services (Windows Server Role):
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Windows\system32\Spool\
     
  Remote Storage Service
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\windows\system32\ntmsdata
     
  POP3 Connector in Windows Small Business Server (SBS) 2003:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directory:
     
    o C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Failed Mail
       
    o C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Incoming mail
     
  Internet Information Services (IIS) 6.0 or Web Server role on Windows Server 2003:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\inetpub\wwwroot
       
      Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured.
       
    o C:\Windows\system32 \LogFiles
       
      Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured.
       
    o C:\windows\IIS Temporary Compressed Files
     
  Internet Information Services (IIS) 7.0 or Web Server role on Windows Server 2008:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\inetpub\wwwroot\
       
      Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured.
       
    o C:\inetpub\logs\
       
      Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured.
       
    o C:\inetpub\temp\IIS Temporary Compressed Files
     
  Microsoft SQL Server:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o <SQL Server Installed folder>\*\OLAP\Data
       
    o <SQL Server Installed folder>\*\OLAP\Backup
       
    o <SQL Server Installed folder>\*\OLAP\Log
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions:
     
    o .MDF
       
    o .LDF
       
    o .NDF
       
    o .BAK
       
    o .TRN
     
  Microsoft SQL Server  Failover Cluster:
     
    Note: The < cluster service account> is the account that the specific account is running for cluster service.
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o <Quorum driver letter>:\
       
    o C:\windows\cluster
       
    o For Windows 2003 only: C:\Documents and Settings\<cluster service account>\Local Settings\Temp\
       
    o For Windows 2008 only: C:\Users\<cluster service account>\AppData\Local\Temp
     
  SharePoint Portal Server:
     
    Note: The<SharePoint service account> is the account that the specific account is running for SharePoint services
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Program Files\SharePoint Portal Server
       
    o C:\Program Files\Common Files\Microsoft Shared\Web Storage System
       
    o C:\Program Files\Common Files\Microsoft Shared\Web Service Extensions
       
    o C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions
       
    o C:\Program Files\Microsoft Office Servers
       
    o C:\Windows\Temp\Frontpagetempdir
       
    o C:\Windows\Temp\WebTempDir
       
    For Windows 2003 only:
       
    o C:\Documents and Settings\All Users\Application Data\Microsoft\SharePoint\Config
       
    o C:\Documents and Settings\<SharePoint service account>\Local Settings\Application Data
       
    o C:\Documents and Settings\<SharePoint service account>\Local Settings\Temp\
       
    o C:\Documents and Settings\Default User\Local Settings\Temp
       
    For Windows 2008 only:
       
    o C:\Users\<SharePoint service account>\Local
       
    o For Windows 2008 only: C:\Users\<SharePoint service account>\Local\Temp
       
    o For Windows 2008 only: C:\Users\Default\AppData\Local\Temp
       
    o For Windows 2008 only: C: \ProgramData\Microsoft\SharePoint\Config
     
    For 32-bit platforms:
     
    o C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files
       
    o C:\Windows\system32\LogFiles
     
    For 64-bit platforms:
     
    o C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
       
    o C:\Windows\Syswow64\LogFiles
     
  Internet Security and Acceleration Server (ISA) Server:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Program Files\Microsoft ISA Server\ISALogs
       
    o C:\Program Files\Microsoft SQL Server\MSSQL$MSFW\Data
     
  Microsoft Operations Manager Server (MOM) 2005:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Operations Manager
       
    o C:\Program Files\Microsoft Operations Manager 2005
     
    Hyper-V:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o C:\ProgramData\Microsoft\Windows\Hyper-V
       
    o C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks
       
    o C:\ProgramData\ProgramData\Microsoft\Windows\Hyper-V\Snapshots
       
    o For Windows 2008 R2 only: C:\ClusterStorage
       
    o <Custom virtual machine configuration directories>
       
    o <Custom virtual hard disk drive directories>
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions:
     
    o .AVHD
       
    o .ISO
       
    o .VFD
       
    o .VHD
       
    o .VSV
       
    o .XML
     
  VMWare products:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o <the folders that contain the virtual machines >
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions:
     
    o .VMDK
       
    o .VMEM
     
  Citrix products:
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories:
     
    o The roaming profiles folder on the file server>
     
    Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions:
     
    o .LOG
       
    o .DAT
       
    o .TMP
       
    o .POL
       
    o .PF
     
  To enhance the performance on Windows Vista/2008/7, you can go to the Preferences > Global Settings >Desktop/Server in the WFBS console and check the Exclude Shadow Copy sections option.

Créditos : http://esupport.trendmicro.com/solution/en-US/1059182.aspx?utm_source=productWFBS&utm_media=SSCon&ProdVer=17.0.2360

Deixe um comentário

O seu endereço de e-mail não será publicado. Campos obrigatórios são marcados com *