Server
Q: If I need to run virus scanning software on a machine running SQL Server, what do I do without impacting performance?
A: The answer to this question depends on the type of virus scanning software you want to run. There are currently three types of virus scanning software-active virus scanning, virus cleanup, and vulnerability scanning.
Active virus scanning software
We recommend that you use the active virus scanning for the following SQL Server usage scenarios:
Run on the Internet.
Read and execute files from other servers.
Run an HTTP server, such as Microsoft Internet Information Services (IIS) or Apache. If you use XML for SQL Server (SQLXML) to access SQL Server via HTTP on IIS, it applies to your operating environment.
Host file sharing.
Use SQL Mail to process incoming and outgoing e-mail messages.
The main performance cost is to open and close the file. Although active virus scanning may cause significant performance losses on heavy duty machines, it is still a recommended virus scanning software for security reasons.
Virus cleanup Software
If the virus cleanup software has to scan the SQL Server database files, SQL Server will degrade performance due to the large number of read operations on the I/O subsystem, especially on servers with a larger number of files. If the software opens a file for scanning, and you open SQL Server at the same time, the software will mark the database as "suspicious," causing the database service to break.
It is worth noting that this type of software does not take effect until the virus has invaded your hard disk. Therefore, it is best for your organization to prevent the problem by adopting reliable and safe operations.
Vulnerability scanning software
Vulnerability scanning software is primarily intended for HTTP servers. This type of virus scan is a good way to clear out potential vulnerabilities. Microsoft did not notice any SQL Server performance loss when using vulnerability scanning software.