简体繁体 English

SQL Server 2005和防病毒软件

[英]SQL Server 2005 & Antivirus Software

原文 2009-04-30 19:13:45 1 4 sql-server/ sql-server-2005/ performance/ antivirus

Our Network people insist on having antivirus (eTrust) software on ALL servers, including all of our SQL Server 2005 machines. 我们的网络人员坚持要求在所有服务器（包括我们所有的SQL Server 2005计算机）上安装防病毒（eTrust）软件。 How can I best demonstrate that this is hurting performance? 我如何最好地证明这会损害性能？

4 个解决方案

I wouldn't be surprised if you lost your argument to not have eTrust installed on the machine. 如果您失去了在计算机上未安装eTrust的论点，我不会感到惊讶。

I would suggest rather then arguing against it being installed, suggest that they put in place the correct exclusion rules so databases and processes which are extremelly unlikely to get viruses aren't scanned. 我建议而不是反对安装它，建议他们制定正确的排除规则，这样就不会扫描极不可能感染病毒的数据库和进程。

This should make the performance impact of eTrust neglible. 这应该使eTrust的性能影响不容忽视。 (If it's a good product, i've never used it.) （如果它是一个好的产品，我从没使用过。）

Look at this document, page 98: eTrust antiVirus 查看此文档，第98页： eTrust antiVirus

That should give you an idea how to configure it properly. 那应该给您一个想法如何正确地配置它。

First, you must determine that it is hurting performance. 首先，您必须确定它正在损害性能。 The clearest way, of course, is to create a test suite wherein you can evaluate TPS performance. 当然，最明确的方法是创建一个测试套件，您可以在其中评估TPS性能。 You'll be hard pressed to do this without either multiple apps running a pretty demanding suite of transactions or a multi-threaded app. 如果没有多个应用程序运行非常苛刻的事务套件或多线程应用程序，您将很难做到这一点。 You might want to Google SQL Server, "Testing" and "TPS" to see if there are any commercial products to help you (I don't know of any). 您可能想在Google SQL Server的“测试”和“ TPS”中查看是否有任何商业产品可以帮助您（我不知道有）。 If you are rolling your own testing suite, I'd suggest getting a copy of "SQL Response" from redgate software to do the performance monitoring. 如果您要开发自己的测试套件，建议您从redgate软件获取“ SQL Response”的副本以进行性能监视。

The antivirus itself will affect performance primarily via memory consumption and network connection monitoring. 防病毒本身将主要通过内存消耗和网络连接监视来影响性能。 WRT network issues, many antivirus packages look for Helkorn attacks on port 1433 (Helkorn is a popular worm - Google it - and port 1433 is SQL Server's listening port) so you might see some network issues with antivirus that you wouldn't see elsewhere. 关于WRT网络问题，许多防病毒软件包都在端口1433上寻找Helkorn攻击（Helkorn是一种流行的蠕虫-Google蠕虫-而1433端口是SQL Server的侦听端口），因此您可能会看到一些与杀毒软件有关的网络问题，而您在其他地方看不到。 More to the point, I'd look for initial connection time latency if you want to document the drawbacks of antivirus. 更重要的是，如果要记录防病毒的缺点，我会寻找初始连接时间延迟。 However, you should also keep in mind that flying without antivirus will make you more vulnerable to Helkorn so you'll want to take steps to mitigate the risk. 但是，您还应该记住， 不使用防病毒软件进行飞行会使您更容易受到Helkorn的攻击，因此您需要采取措施降低风险。

With respect to Memory, SQL Server is very memory hungry when fully loaded. 关于内存，SQL Server在完全加载时非常占用内存。 Here you'll want to be looking to see if the memory footprint of your antivirus has any impact. 在这里，您需要查看防病毒软件的内存占用量是否有影响。 Honestly, I have my doubts. 老实说，我有疑问。 WRT CPU, I doubt you'll see much difference; WRT CPU，我怀疑您会看到很多不同之处； especially if you schedule full scans during off hours. 特别是如果您计划在非工作时间进行全面扫描。

One somewhat quick way to test this would be 2 virtual boxes. 一种测试这种情况的快速方法是2个虚拟盒子。 In fact you could actually set them up on the same physical box. 实际上，您实际上可以将它们设置在同一物理盒子上。 Have them both start some sort of long winded SQL insert/query/delete/etc. 让它们都开始某种长时间的SQL插入/查询/删除/等等。 See which one finishes first. 看看哪个先完成。 If there is a significant discrepancy, then your hypothesis could be proven. 如果存在重大差异，则可以证明您的假设。

My father-in-law is a science teacher and ALL I ever hear about is the scientific method. 我岳父是一位科学老师，我所听到的只是科学方法。 Make a hypothesis, test your hypothesis. 做一个假设，检验您的假设。

Let us know what happens. 让我们知道会发生什么。

Benchmark your server both before and after you are running eTrust. 在运行eTrust之前和之后对服务器进行基准测试。 You can do this by profiling your applications that access your server as well as running processes on the server itself. 您可以通过对访问服务器以及在服务器本身上运行进程的应用程序进行性能分析来实现此目的。 Create queries that you can test with in both scenarios. 创建可以在两种情况下进行测试的查询。 Once you have your performance matrix you can submit that to management/network people. 一旦有了绩效矩阵，就可以将其提交给管理/网络人员。