To ensure stable, optimal performance for your Metallic backup gateways, you must exclude certain folders and files from antivirus read, write, and scan processes.
Improperly configured antivirus exclusions can cause outages of applications and services due to contention or file locking. For example, antivirus software might lock the collect files that are generated during a backup. Also, most virus-scanning applications use real-time scanning, which can degrade performance or cause failures during Metallic backups and other operations.
Test Metallic features and and functions. During normal operations, monitor Metallic processes and how those processes interact with antivirus software. Coordinate with your antivirus software vendor to achieve proper configuration and tuning of the antivirus software. The goal is for the antivirus software's rules and schedules to allow Metallic operations to run normally and complete successfully.
The information provided is not a complete list of exclusions because the Metallic software might change with updates and new releases.
Make sure that no scheduled or on-demand antivirus scans run during Metallic backups.
Degraded backup performance and unknown backup failures might be caused by host intrusion prevention systems (HIPS).
If you experience performance and consistency problems with SQL Server when certain modules are loaded into the server, see Microsoft KB 2033238.
Exclusions to Implement
CommServe Server, Client, and Backup Gateway Installation Paths
Paths to exclude
File extensions to exclude
Updates Cache (SoftwareCache) folder with CVPackages and CVUpdates subfolders on the CommServe server
Job Results folder
Index Cache folder
For the Index Cache folder, exclude the following:
Additional Backup Gateway Paths
Paths to exclude
File extensions to exclude
Disk libraries (CV_MAGNETIC folder)
Note: If you use a UNC path to access the magnetic libraries, exclude the UNC path as well.
For disk libraries (CV_MAGNETIC folder), exclude the following:
Deduplication engines (CV_SIDB folder)
For deduplication engines (CV_SIDB folder), exclude the following:
Virtual Server Agent
VMware VDDK (vmware-SYSTEM folder)
Related Topics and External References
Microsoft virus scanning recommendations
Microsoft KB article 822158
Microsoft information about antivirus software for SQL Server
Microsoft KB article 309422
Microsoft information about problems caused by antivirus software on Cluster Services that are not cluster aware
Microsoft KB article 250355
Microsoft information about Forefront Endpoint Protection (FEP) group policy settings
Symantec standard recommendations for servers to create exceptions
McAfee standard recommendations for servers to create exceptions
Sophos standard recommendations for servers to create exceptions
Microsoft Defender Antivirus scanning options
By default, Microsoft Defender Antivirus UNC paths are not scanned. If you configured Microsoft Defender Antivirus to scan UNC paths, run the Microsoft Powershell script to exclude the paths from being scanned.
Implementing the antivirus exclusions described in this document may increase the attack vulnerability risk to computers or network by malicious users or by malware or viruses. Before making these changes, it is recommended that the attack vulnerability risks that are associated with implementing these settings be evaluated. It is up to the discretion of the reader's and their company's policies whether to implement the guidelines recommended within this document.
Minor revisions and/or service packs that are released by application and operating system vendors are supported by our software. We will provide information on any known caveat for the revisions and/or service packs. In some cases, these revisions and/or service packs affect the working of our software. Changes to the behavior of our software resulting from an application or operating system revision/service pack may be beyond our control. The older releases of our software may not support the platforms supported in the current release. However, we will make every effort to correct the behavior in the current or future releases when necessary. Please contact your Software Provider for any problem with a specific application or operating system.
Additional considerations regarding minimum requirements and End of Life policies from application and operating system vendors are also applicable.