Avoid the most common cause for Exchange D/R- Part 1: Correctly configure your File System (File level) anti-virus on Exchange Server 2003
As professionals out there know, improperly configured File Level (File System) Anti-Virus Software is the cause of an inevitable Exchange Server Crash.
Now we all know File-Level Anti-Virus is a necessity on ALL servers in your environment, so how do we ensure we deploy it on our Exchange Servers in a way which will not affect the performance / reliability of our Exchange Servers & still maintain the desired level of security on our network?
The answer is two fold & relatively simple, even if not regularly / correcly implemented in most environments.
1. Implement Exchange Aware Anti-Virus Products to Monitor & Secure your messaging environment
2. Implement File Level Anti-Virus with the correct exclusions set
Both products can seemlessly co-exist since they use different methods for scanning & scan different portions of data.
In this article I will address the File Level AV exclusions since the reliability of your Exchange Server is directly impacted by the same.
The following is a list of Exclusions which need to be set at the Directory, File Extension & Process level with preference given to the Directory & Process levels over & above the Extension level.
Exchange Server 2003
Set Directory Level Exclusions for:
Now we all know File-Level Anti-Virus is a necessity on ALL servers in your environment, so how do we ensure we deploy it on our Exchange Servers in a way which will not affect the performance / reliability of our Exchange Servers & still maintain the desired level of security on our network?
The answer is two fold & relatively simple, even if not regularly / correcly implemented in most environments.
1. Implement Exchange Aware Anti-Virus Products to Monitor & Secure your messaging environment
2. Implement File Level Anti-Virus with the correct exclusions set
Both products can seemlessly co-exist since they use different methods for scanning & scan different portions of data.
In this article I will address the File Level AV exclusions since the reliability of your Exchange Server is directly impacted by the same.
The following is a list of Exclusions which need to be set at the Directory, File Extension & Process level with preference given to the Directory & Process levels over & above the Extension level.
Exchange Server 2003
Set Directory Level Exclusions for:
- Folders Where the Exchange Databases Reside (Default Path: \Exchsrvr\MDBData)
- Folders where the Exchange Streaming Transaction files reside (Default Path: \Exchsrvr\MDBData)
- Exchange MTA Files (Default Path: Exchsrvr\MTAdata)
- Message Tracking Log files (Default Path: \Exchsrvr\Server_Name.log)
- SMTP Virtual Server folders (Default Path: \Exchsrvr\mailroot)
- Site Replication Service Folders (Defailt Path: \Exchsrvr\srsdata)
- IIS System Files (Default Path: %SystemRoot%\System32\Inetsrv)
- Internet Mail Connector Files (Default Path: \Exchsrvr\IMCData)
- Path to the Storage Group Log Files (Default Path: Default Path: \Exchsrvr\MDBData)
Set the Process Exclusion for the following Exchange Processes:
- Store.exe
- MAD.exe
- W3WP.exe
Set the File Exntension Exclusions for the following:
- *.edb
- *.stm
- *.chk
- *.log
With the above Exclusions set, your AV software will not be able to "Tamper" with the day to day function of your Exchange 2003 Server, causing it to Fall-Over & the possibility of a lengthly restore procedure with risk of data-loss.
Comments