Should you install AV software on servers? — SuperTechman

Antivirus software should always be the first piece of software installed on all computers. It acts as the policeman at the gate of the system, overseeing all operations and stopping harm from coming to your machine as you use it. It may seem crazy to advise against installing antivirus on any particular machine, but when it comes to servers you may not actually need it. If one of your servers does not connect to the outside world directly and doesn’t have any direct user interaction, there may be no reason to install AV software on it.

In many cases installing AV software on servers may actually hurt the performance and stability of your server. Antivirus software’s main role is to scan files coming into and going out of a system. The extra overhead of real-time scanning, and the risk that AV software quarantines files critical for line-of-business operations, can result in performance issues. If AV is installed on a selected server, its disk scans should always be scheduled out-of-hours so that they have no impact on performance. Antivirus can sometimes make you more vulnerable, because hackers can exploit vulnerabilities in the antivirus as well as vulnerabilities in the operating system to access your server. More vulnerabilities equal more opportunities for hackers. If you set up the server properly, patch it regularly to close any possible Microsoft vulnerabilities, and maintain good security practices, you usually don’t need antivirus.

Now, please note, there are some instances when you will need antivirus. So which servers should have antivirus and which servers shouldn’t? Here’s a simple breakdown:

Types of Servers:

  • Exchange: YES — Use Exchange-specific antivirus solution.
  • SharePoint: If you trust that the downloader and uploader workstations are secure, you don’t really need AV at the SharePoint level. If you aren’t sure or you just want to be extra careful, we recommend (and so does Microsoft) that you use a SharePoint VS API-based solution.
  • AD/DC: No — Antivirus not necessary unless users interact with the server (if there are multiple roles on the same server).
  • DHCP/DNS: No — Antivirus not necessary unless users interact with the servers (if there are multiple roles on the same server).
  • File Server: Yes — Set antivirus to scan on write only. The only way this server gets a virus is if a user accidentally uploads a file they shouldn’t.
  • Utility Servers: These servers connect to file stores or other web stores so scanning on write is advised.
  • SQL/Database: Don’t worry about antivirus unless non-admin users are interacting with the server (they shouldn’t be, btw).
  • Web Server: Web servers always need antivirus because users are going to be uploading files and/or linking to other sites.
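
One way to apply the two settings recommended above (scan on write only, and disk scans scheduled out-of-hours) on a Windows file or utility server. This is an added example, not from the original article; it assumes Microsoft Defender Antivirus is the AV in use (the article names no product), and the function name, scan day and 02:00 window are illustrative.

```powershell
# Added example. Assumption: Microsoft Defender Antivirus is the installed AV.
# Run from an elevated PowerShell session on the server being configured.
function Set-ScanOnWriteProfile {      # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Out-of-hours start time for the scheduled scan; pick your own quiet window.
        [datetime]$ScanTime = '02:00',
        # 0 = every day, 1 = Sunday ... 7 = Saturday, 8 = never
        [ValidateRange(0, 8)]
        [int]$ScanDay = 1
    )

    $settings = @{
        RealTimeScanDirection = 1          # 1 = incoming files only (scan on write)
        ScanParameters        = 2          # 2 = full scan for the scheduled job
        ScanScheduleDay       = $ScanDay
        ScanScheduleTime      = $ScanTime
        ScanAvgCPULoadFactor  = 30         # cap CPU used by the scheduled scan (percent)
    }

    # -WhatIf previews the change without touching the server.
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Apply scan-on-write AV profile')) {
        Set-MpPreference @settings
    }

    # Read the effective configuration back so drift (for example a Group Policy
    # override of the local preference) is visible immediately.
    $pref   = Get-MpPreference
    $status = Get-MpComputerStatus
    [pscustomobject]@{
        Computer           = $env:COMPUTERNAME
        RealTimeEnabled    = $status.RealTimeProtectionEnabled
        ScanDirection      = $pref.RealTimeScanDirection   # expect 1
        ScheduledScanDay   = $pref.ScanScheduleDay
        ScheduledScanTime  = $pref.ScanScheduleTime
        ScanCpuLoadPercent = $pref.ScanAvgCPULoadFactor
        SignatureAgeDays   = $status.AntivirusSignatureAge
    }
}

# Preview first, then apply:
Set-ScanOnWriteProfile -WhatIf
Set-ScanOnWriteProfile -ScanTime '02:00' -ScanDay 1
```

If the values read back differ from what was set, a centrally managed policy is overriding the local preference and the change belongs in that policy instead.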

If you’re setting up a new server make sure to wait until you’ve done all your configuration and have installed all the software or server roles before adding any antivirus so that it doesn’t block any registry or system file changes (and trust me, it will block stuff).

If you need an AV Solution it is important that you don’t use a generic one-size-fits-all antivirus solution on your servers. If there’s antivirus made specifically for the software on your server, use that. It may cost more, but it’s worth it because that generic stuff isn’t going to offer you much protection. For some of the servers above, it’s actually better to have no antivirus at all than to have a generic solution.

If you are unsure, I would always recommend playing it safe and installing AV on everything if possible, although sometimes that is not feasible because of performance. At the very least, I highly recommend running AV on servers that touch the net and ones that clients touch, like RDS and Citrix app servers. I also recommend splitting the AV policies into separate groups for client machines and for servers, to stay flexible. AV is just one layer of the security model as well.

Originally published on March 10, 2020.




Unique blog that is aimed to provide I.T professionals Systems/Network administrators technical solutions, insights & knowledge on a wide variety of topics.
