Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 3692 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AV for Mac and Matlab

BobWhite

We have a Mac OS X 10.6 workstation that we recently installed the AntiVirus on.  The WS is used to run numerical processing apps that are generated from Matlab.  The apps rely on parallel processing to improve performance.  When the apps start up they open a large number of files, many of them quite large.  With the AV installed the processing slows to a crawl, and almost to a stand still.  Is there some way to set AV so it doesn't scan a app or any files that app may open?

:18975


This thread was automatically locked due to age.
Parents
  • 0

    Hello Momo,

    dunno much about the Mac version (and MATLAB) but I'm pretty sure that

    • Sophos normally does not scan a large file in its entirety (archives are AFAIK subject to a little more scanning even if the option is turned off)
    • files are not re-scanned (just "fingerprinted" to verify they haven't changed) during a session

    Of course an application extracting many files from archives during startup and deleting them afterwards or at termination will encounter the same overhead each time. We humans more or less know when an application has finished initialization - but It might be impossible for a program (especially a general which has to deal with thousands of applications) to reliably detect this. 

    I don't think this can be generally solved. In theory there could be a standard interface with which an application could request temporary exemption - but then the application vendor would have to take responsibility that nothing bad happens during this period. Quite unimaginable. The other option would be special treatment by the scanner - e.g. by verifying signatures (while this would reduce overhead it would not make it go away). But then this would have to be done for literally thousands of applications and their files.

    Seen from another angle - AV scanners are not some niche products and with most applications there is no problem. It is known what goes well with them and what not. So one may ask why a particular application needs to be designed in a way which causes excessive overhead. Personally I don't see why an AV vendor (not Sophos in particular) should put extensive effort into making specific applications perform (except when it is a general issue - and I'm sure that all vendors address this).

    Christian

    :33889
Reply
  • 0

    Hello Momo,

    dunno much about the Mac version (and MATLAB) but I'm pretty sure that

    • Sophos normally does not scan a large file in its entirety (archives are AFAIK subject to a little more scanning even if the option is turned off)
    • files are not re-scanned (just "fingerprinted" to verify they haven't changed) during a session

    Of course an application extracting many files from archives during startup and deleting them afterwards or at termination will encounter the same overhead each time. We humans more or less know when an application has finished initialization - but It might be impossible for a program (especially a general which has to deal with thousands of applications) to reliably detect this. 

    I don't think this can be generally solved. In theory there could be a standard interface with which an application could request temporary exemption - but then the application vendor would have to take responsibility that nothing bad happens during this period. Quite unimaginable. The other option would be special treatment by the scanner - e.g. by verifying signatures (while this would reduce overhead it would not make it go away). But then this would have to be done for literally thousands of applications and their files.

    Seen from another angle - AV scanners are not some niche products and with most applications there is no problem. It is known what goes well with them and what not. So one may ask why a particular application needs to be designed in a way which causes excessive overhead. Personally I don't see why an AV vendor (not Sophos in particular) should put extensive effort into making specific applications perform (except when it is a general issue - and I'm sure that all vendors address this).

    Christian

    :33889
Children
No Data