All exclusions are described here: https://www.veeam.com/kb1999
(I prefer the KB article over the one in the helpcenter as it is for 7, 8 and 9.x versions.
This discussion (A/V or not on servers) is a very old one, but for some reason it never goes away
. I've worked for companies that insisted on having A/V on every server and for companies that allowed exclusions when certain conditions were met and finally for companies that never installed A/V on any server. No matter what situation you are in, my best practices always have been the following:
1. Use the exclusions from the vendor of the workload
2. Don't forget exclusions for other software running on that box (for example, a monitoring agent, think Veeam ONE (https://www.veeam.com/kb2046
) or Operations Manager or Nagios.)
3. Secure it as good as possible, as deevie above already said and I fully agree. Especially this one, because of the data it holds.
In the end, if you do the exclusions correct, (I hope your security department is better at it than some of the ones I worked with
) don't forget potential additional software that runs on it, then your backups should run just fine
Hope it helps