Most organizations run anti-virus (AV) software on their servers and workstations to detect and fix computer viruses. However, running antivirus software on server software systems such as Operations Manager can cause data corruption and have a detrimental effect on performance.
There are particular folders and files that should be excluded from anti-virus scanning.
- These include the SQL Server database files used by Operations Manager components as well as system database files for the master database and tempdb.
- You will also want to exclude queue and log files used by Operations Manager from anti-virus scanning.
- These include but are not limited to files under %ProgramFiles%\System Center Operations Manager\Health Service State\ and its subdirectories.
- Other areas to exclude from scanning is the OpsMgr install and wbem directories.
- You will want to exclude the page file from anti-virus scanning and the Windows temp directory (%windirtemp%) as well.
If you use a firewall, you will need to open up the ports for installing the agent (135), client communication (5723), email communication (25), and potentially others. The ports used by Operations Manager 2007 are listed in Table 1.
Table 1. Communication Paths and Ports
|From Component||To Component||Bidirectional?||TCP Port|
|Root Management Server (RMS) or Management Server (MS)||Operational Database (Ops DB) and Data Warehouse (DW DB)||No||OLEDB 1433 (SQL); in a cluster the second node requires a unique port number|
|RMS||MS or Gateway Server||Yes||5723|
|Agent||RMS, MS, or Gateway||No||5723|
|Reporting Server, Web Console Server||RMS||No||5724|
|Connector Framework Source||RMS||No||51905|
|Agentless Exception Monitoring (AEM) Client||AEM file share on |
RMS or MS
|Yes||SMB 445, 51906|
|Software Quality Metrics (SQM) Client||SQM Endpoint||No||51907|
|Web console||Web Console Server||No||HTTP 51908|
|Audit Collection Services (ACS) Agent||ACS Collector||Yes||51909|
|ACS Collector||ACS DB||No||OLEDB 1433 (SQL)|
|Reporting Server||DW DB||No||OLEDB 1433 (SQL); in a cluster the second node requires a unique port number|
|Operations console||Reporting Server||No||HTTP 80|
UPDATE 7/21/08: Rod Trent recently posted an article on recommended antivirus exclusions, see http://myitforum.com/cs2/blogs/rtrent/archive/2008/07/18/recommended-antivirus-exclusions-for-opsmgr.aspx.