Q
Can I run virus scanning software on my computer running SQL Server without impacting performance?

A
The answer to this question varies depending on the type of virus scanning software you would like to run. Three kinds of scanning software are available—active virus scanning, virus sweep, and vulnerability scanning.

Active Virus-Scanning Software
Active virus scanning is strongly recommended for SQL Server installations that:

Run on the Internet.

Read and execute files from other servers.

Run HTTP servers such as Microsoft Internet Information Services (IIS) or Apache. If you use XML for SQL Server (SQLXML) to access SQL Server through HTTP on IIS, this scenario would apply in your operating environment.

Host file shares.

Use SQL Mail to handle inbound or outbound e-mail messages.

The main performance hit takes place at file open and close. Although active virus scanning can cause a perceptible drain on a heavily loaded system, it is recommended for safety purposes.

Virus Sweep Software
If the virus-sweep software has no way to exclude SQL Server database files from its scan, the software can negatively affect SQL Server performance by flooding the I/O subsystem with reads, especially on servers with large numbers of files. If the sweep has opened a file for scanning and you start SQL Server, the software could mark the database as suspect, rendering the database unavailable.

It is important to note that this type of software catches viruses after they've invaded your hard disk, so your organization is better off reducing the risk of infection in the first place by adopting sound security practices.

Vulnerability Scanning Software
Vulnerability scanning software has been available for HTTP servers for some time. This kind of virus scan is a great way to lock down potential holes. Microsoft is not aware of any SQL Server performance loss when you use vulnerability scanning software.