Hi all, today I bring some recommendations for configuring Antivirus in SharePoint 2013.
Firstly, the recommendations for Antivirus, that include Search for SharePoint:
Confirm that AntiVirus exceptions for the entire Search farm as well as the crawl component temp directories.
This is the list of directories and processes that should be excluded:
SharePoint Foundation 2013
You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:
- C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions
If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
- C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions15Logs
- C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions15DataApplications
- C:WindowsMicrosoft.NETFramework64v4.0.30319Temporary ASP.NET Files
- C: UsersServiceAccountAppDataLocalTempWebTempDir
Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
- C:Usersaccount that the search service is running asAppDataLocalTemp
Note The search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically has to write.
Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
SharePoint Server 2013
You may have to configure the antivirus software to exclude the Drive:Program FilesMicrosoft Office Servers folder from antivirus scanning for SharePoint Server 2013. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:
- C:Program FilesMicrosoft Office Servers15.0Data
(This folder is used for the indexing process. If the index files are configured to be located in a different folder, you also have to exclude that location.)
- C:Program FilesMicrosoft Office Servers15.0Logs
- C:Program FilesMicrosoft Office Servers15.0Bin
- C:Program FilesMicrosoft Office Servers15.0Synchronization Service
- Any location in which you decided to store the disk-based binary large object (BLOB) cache (for example, C:Blobcache).
- C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions15Data (and sub directories)
- C:Program FilesMicrosoft Office Servers15.0SearchRuntime1.0noderunner.exe (NodeRunner process exclusion)
- C:Users[Search Service Account]AppDataLocalTemp
- If you Index data -RootDirectory is customized separately from SharePoint data directory, also exclude (this is where the Index lives)
You could also just exclude the entire Office 15 hive if that is easier for your AV software.
Some more info is on TechNet but it isn’t aimed at Search
Secondly, the recommendations for IP Offloading:
netsh int ipv4 show global | findstr “Task Offload”
netsh int ipv6 show global | findstr “Task Offload”
There are also some more in depth instructions for nic cards with more options to ensure that IP Offloading is completely off. The instructions below are for the FAST Search product but hold true for SP2013 as well.
Hope that helps!