To reduce Anti-Virus program impact on system performance and uptime, Progress files need to be excluded from its active scanning. Essentially, the entire OpenEdge 'runtime' environment needs to be added to AntiVirus (AV) scanning exclusions.
Most AV software have various 'levels' of exclusions that can be considered to apply, it depends on the AV Software (like folders, files, executable's, extensions etc, and type of exclusions)
The directories containing the following files and executables would cover 99% of the Progress run-time environment. Reports that follow having applied these can be used to add further exclusions particular to the runtime environment:
- WRKDIR,
- PROPATH application files (.r code),
- All Database file extents,
- Temporary files (-T directory),
- Progress installation directory, DLC/bin in particular which contains executables.
Whether those files are excluded individually or by directory, the result will be the same, they will not get scanned by anti-virus process.
For example:
- All files in the Progress bin directory may be excluded.
- All database extents and database backup files should also be excluded from scanning, as those files are usually very large and hence very much scan intensive.
- The working directory and any sub folders of the working directory may be excluded from scans to avoid potential issues with the client portion of an application.
- Progress application files (.r code)
- Temporary files (-T directory).
There may be further performance considerations, depending on any other security features that are provided by the AntiVirus Vendor, typically packaged with the AV software like disk encryption, which in theory should be transparent to the runtime database but may add a performance overhead, and Network Monitoring, which may interfere with client/server connections.
