I just read in one of the articles that real-time scanning for non-executable files for folders attached to "Receive Locations" and BizTalk executables should be exemted from real-time antivirus scanning. This is suggested as one of the OS optimization steps so as to improve performance.
Now my question is whether this will compromise security of server in any way, and how practical is this suggestion?
I don't like that suggestion very much - any files coming from a system outside your company should be scanned, and that would include the files being picked up on BizTalk receive locations. If the files are being generated internally then it would be ok to disable scanning on them.
The best recommendation on that article with regards to anti-virus is to disable scanning on the database files.
Dealing with some antivirus issues on a BizTalk Server led me to find this thread many years after it started. I'll say this...while I understand the concern about disabling antivirus scanning on BizTalk FILE locations, I would counter with the question as to why FILE endpoints are being used in Production? My two cents is that any other adapter would be preferred. To me, the FILE adapter is something to use for developer testing and not much more...
What is wrong with File adapter???