Kaseya recommends that there is no AV installed on the server. I understand their point of view on it, but we are concerned. Should anything happen to our VSA, we would be in some deep water, and that is something that I'd like to prevent.
My question: Anyone running AV on their KServer? If so, what software, exclusions, problems, ect.
We are running Kaspersky Antivirus on our VSA without problems.
Just for the benefit of others reading this post. Christopher Curtis and I had a phone call to discuss his questions on AV on a Kaseya server. We do support AV, so longs exclusions are set appropriately on the Kaseya folder and SQL files. The technical details are as follows:
Kaseya Application: helpdesk.kaseya.com/.../104562623-R9-Install-Upgrade-Checklist
"Disable or uninstall any anti-virus that may be running on the new server during the upgrade process. Anti-virus can interfere with the installation of Kaseya as it can block and/or lock files during the installation process. After the installation of Kaseya, we recommend setting exclusions for the entire Kaseya directory (typically C:\Kaseya)."
SQL Server: support.microsoft.com/.../309422
What would 'happen' to the VSA to cause it to get infected?
Would conventional AV software protect your VSA in such cases?
Would having (say) hourly backups of your VSA sufficiently mitigate the risk?
For us I believe there's a higher chance of AV causing problems with the VSA than preventing them, so we don't run AV on our VSA.
If you do want to run AV then at the very least exclude the SQL database folders.
I do not install any anti-virus on my Kaseya Server's as it tends to cause more potential issues than I would like to deal with. To answer your questions, a virus on any type of role based server is really dependent on many factors and ultimately the role of the server and the type of infection.
I backup our front-ends hourly and our database daily for any issues that may arise to lessen risk and have a plan in case our Kserver's are hindered.
Hi Oscar, my questions were rhetorical, trying to get wellbornsteak to consider whether installing AV on the VSA was the best method of keeping it protected and highly available. Sorry if that wasn't clear.. :)
I don't remember when I actually got virus on server last time. New Windows servers, tight security, firewall and patching policy keeps servers pretty safe. Any kind of hacking attempt to VSA components would go unnoticed by AV anyways.
Workstations are another story, nice to notice how viruses bybass AV unnoticed and crypt everything on workstation and fileshare.