Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 1829 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Conflict with other Anti Virus

fdsafdsfds

Just a quick question?

Why do Sophos AV or other Anti-Virus conflicts each other ? and why do others not?

:15055


This thread was automatically locked due to age.
  • 0

    Hi,


    It's not a simple answer this one.  Multiple AV products on the same machine can be ok but it's safer to warn or block it for the standard use case.

    The main problem is on-access scanning.  It will either make the machine run really slowly or could introduce deadlocks.  Essentially, without knowing how all the different products implement their real-time/on-access technologies, it's hard to say if it will or will not conflict and even then it may only conflict in certain circumstances and with certain products.  It's therefore easier and safer just to try prevent it as the gain is not really worth the risk at least for the most common scenario which is on the client/endpoint.  If there is a requirement to run multiple virus products, those scenarios would be the exception and more thought can go into the install.

    If you installed two AV products you might be able to disable the on-access component on one and use it for just on-demand scanning.  Maybe some sort of "sheep-dip" machine would be a good use case, where you might want to install one main AV product with on-access scanning just to generally protect the machine, and then install multiple other AV products without on-access so you could scan files on this machine with multiple engines before releasing the file. 

    The other scenario and most common is to have multiple AV engines on email gateway product.  Typically, the product implementing this would just install the engines and virus data and interface at the right level with them.

    The other problem is, that typically most AV products install with on-access running by default, so when you installed the second, there is a chance the machine could lock up before you even had a chance to disable the other.


    If I was desperate to scan a file against multiple vendors virus data, I would probably just install one product in full and then use the command line scanner of another.  Or install the first, disable the on-access scanning and then install the second but this would typically be one one machine for a specific purpose.

    I hope this helps.

    Jak


    :15061