What are some best practices for implementing Symantec Protection for SharePoint Servers (SPSS) 6.0?

Best Practices for Symantec Protection for SharePoint Servers 6.0:

1. Make sure SharePoint AntiVirus is scanning for uploads and downloads is disabled until SPSS 6.0 is installed on each Front-End Server in the SharePoint environment, including the SharePoint server running Central Administration. 

 [Real-time Scan Settings, Edit, Uncheck scan documents on upload; download, etc.]  Once product installed and set up, re-enable.

2. The account that the SPSS 6.0 service runs as needs to be a local admin on the SharePoint server as well as SharePoint farm administrator. 

3. For SQL 2005:  the account that SPSS runs as will either need to be a local administrator on the SQL 2005 server or be given read/write access to the SharePoint content database. 

    For SQL 2008: the account that SPSS runs as will need to be given read/write permission to the SharePoint content database.  Note: for SQL 2008, just giving the SPSS account local admin rights on the 2008 server no longer gives or provides read/write access to the database. 

4. Before enabling AntiVirus scanning on uploads and/or downloads, confirm that each SPSS console in the environment has a Symantec Scan Engine scanner registered to it.  

It is recommend that each SPSS console have two scanners registered to it for redundancy purposes.  Note:  consoles can share scanners, so this does not mean each console should have two dedicated scanners. 

 In SPSS, click on Register A New Scanner.

5. For real-time scanning, it is recommended that both scanning on uploads and downloads be enabled.  [Real-time Scan Settings, Edit]

6. For Scheduled/manual scans, it is recommended to configure these during off-hours or during low load periods of time.  If regular scheduled scans are going to occur, that a dedicated off-box Scan Engine scanner be setup for this. 

For additional information, including supported Operating Systems, and how to configure the Symantec Protection for SharePoint Servers console please review the Implementation Guide. 

Symantec Scan Engine Best Practice Settings for SPSS:

1. In the Scan Engine UI, https://<hostname-IP-Address>:8004, under Configuration > Resources, set Maximum RAM used for in-memory file system to 512MB (Default is 16MB).  Also set Maximum file size stored within the in-memory file system to 10MB (Default is 3MB).  These two settings should help a little with performance.

2. For situations where there will be a high load on the front-end SharePoint Servers, install Scan Engine on their own dedicated Servers.  Instead of running them on the same server as the SPSS console.  This is not necessary, but in high load situations this will help remove the load generated by Symantec Scan Engine.  This could also help make Scan Engine more efficient, since it is not sharing CPU and memory with the SPSS console, SharePoint, and any other CPU intensive service that could be running on the SharePoint server.  

3. To ensure high availability of Antivirus services, it is also recommended to add more than one Scan Engine to the SPSS configuration.

4. It is suggested that the Scan Engine Filter settings, Policies > Filtering > Container Handling, be reviewed.  There is no specific recommendation here, just make sure you are aware of them, and how Scan Engine will react to such things as encrypted files, or malformed files, etc. 
 
For additional information, including questions regarding supported hardware, Operating Systems, installation questions, and 64-bit support, please see the Symantec Scan Engine 5.x Implementation Guide as well as the readme text files that the product.
 

Applies To

Microsoft SharePoint 2010
MOSS 2007
WSS 3.0
SPSS 6.0