Discussions specific to the VMware vSphere hypervisor
Post Reply
fafa24
Enthusiast
Posts: 52
Liked: 3 times
Joined: Jun 14, 2015 4:48 pm
Contact:

Trend Officescan with Veeam 9.03

Post by fafa24 » Jan 10, 2017 5:04 pm

Hello All,

Our security department insists that on all our machine AV should be installed. We use Trend Officescan. I noticed this article from Veeam https://helpcenter.veeam.com/backup/80/ ... virus.html - Best Practice

I would prefer not to install AV on the Veeam backup server which has also the repository. However I would need some arguments. What is the recommendation of this community? I would think as the article state exclusion is necessary like repository drive and the processing folders. I think the quality and reliability of the backups sets should be weighted more than the security aspects.

Thanks,

deevie
Influencer
Posts: 10
Liked: never
Joined: Jan 22, 2012 8:58 pm
Contact:

Re: Trend Officescan with Veeam 9.03

Post by deevie » Jan 10, 2017 8:52 pm

Well, I personaly think the veeam backup server should be best secured of all. It has access to all VM's so this is a very interesting machine to launch attacks to other machines. If you secure your antivirus well, you should not have any issues.

Mike Resseler
Veeam Software
Posts: 4974
Liked: 524 times
Joined: Feb 08, 2013 3:08 pm
Full Name: Mike Resseler
Location: Belgium
Contact:

Re: Trend Officescan with Veeam 9.03

Post by Mike Resseler » Jan 11, 2017 6:31 am

Hi,

All exclusions are described here: https://www.veeam.com/kb1999 (I prefer the KB article over the one in the helpcenter as it is for 7, 8 and 9.x versions.

This discussion (A/V or not on servers) is a very old one, but for some reason it never goes away :-). I've worked for companies that insisted on having A/V on every server and for companies that allowed exclusions when certain conditions were met and finally for companies that never installed A/V on any server. No matter what situation you are in, my best practices always have been the following:

1. Use the exclusions from the vendor of the workload
2. Don't forget exclusions for other software running on that box (for example, a monitoring agent, think Veeam ONE (https://www.veeam.com/kb2046) or Operations Manager or Nagios.)
3. Secure it as good as possible, as deevie above already said and I fully agree. Especially this one, because of the data it holds.

In the end, if you do the exclusions correct, (I hope your security department is better at it than some of the ones I worked with ;-)) don't forget potential additional software that runs on it, then your backups should run just fine

Hope it helps
Mike

fafa24
Enthusiast
Posts: 52
Liked: 3 times
Joined: Jun 14, 2015 4:48 pm
Contact:

Re: Trend Officescan with Veeam 9.03

Post by fafa24 » Jan 11, 2017 8:43 am

Thanks for the input. I appreciate. This article does not mention exclusion for the repository folders, but the article in the helpcenter mentioned it. Does this mean repository storage folder exclusion for AV is not necessary?

foggy
Veeam Software
Posts: 16932
Liked: 1377 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Trend Officescan with Veeam 9.03

Post by foggy » Jan 11, 2017 11:19 am

The article in fact does mention it:
*Also include the path the backup files*

Post Reply

Who is online

Users browsing this forum: No registered users and 17 guests