Antivirus recommendations for inSync
Overview
Antivirus or third party encryption programs may sometimes lock actively used files or folders of other applications. Specifically anti-virus programs are known to lock files while running a real time or on-access scan.
If any such third party application locks inSync application files or folders which contain configuration or logs, it may result in corruption or unexpected behavior. Hence, Druva highly recommends you to add exclusions for inSync application and configuration paths.
Click the following links to view the antivirus recommendations for the respective component:
Antivirus Recommendations for inSync On-Premise
This section provides answers to some FAQs on Druva’s antivirus recommendations for inSync On-Premises. FAQs are followed by some recommendations from Druva to avoid issues caused by antivirus applications.
FAQs
- Why inSync directories should be excluded from antivirus scans?
- My antivirus application is reporting a malware in the inSync folder. What is the cause?
Why inSync directories should be excluded from antivirus scans?
Ideally, paths related to inSync server must not be scanned. Most antivirus applications lock the frequently accessed files to scan them. This may cause database corruption. When data is uploaded to the data folder, references for actual data are stored under database files. If an antivirus application locks the database files, inSync server may not be able to update the database causing loss of references.
In some scenarios, antivirus application tends to delete/quarantine the database/data/the database log files that are frequently accessed and modified, assuming them as malware activities. This leads to storage corruption.
To address such a situation, inSync has an inbuilt mechanism that reports antivirus scans via an alert. inSync uses detectav.exe utility to detect whether an antivirus application is scanning inSync folders. Even though detectav.exe is not a malware, some applications may report it as one.
My antivirus application is reporting a malware in the inSync folder. What is the cause?
Check if your antivirus application is reporting detectav.exe placed by inSync on all the inSync Server folders as malware. This file checks if the inSync Server binaries, configuration database, Storage path are being scanned by an anti-virus.
Antivirus recommendations
For an inSync On-Premises deployment:
- You must exclude the inSync folders from the antivirus scan.
- Exclude the folder and processes specified for inSync, inSync storage node, and inSync Edge Server in the tables below
Antivirus recommendations for inSync Master Server | |
Folders to be excluded | C:\ProgramData\Druva or C:\inSyncServer4 C:\Program Files\Druva Storage Folders (Data,DB & Log location) (Only present if we have local storage configured) |
Processes to be excluded | inSyncBynamo.exe inSnycCMSPHwnet64.exe inSyncConfigDBMonitor.exe inSyncConfigDBServer.exe inSyncConfigServer.exe inSyncCPortal.exe inSyncCPortalSVC.exe inSyncCronServer.exe inSyncNWorker.exe inSyncStorageMaster.exe inSyncServer.exe inSyncSyncServerSVC.exe inSyncWorker.exe inSyncAuthDBService.exe inSyncBJService.exe inSyncBJWorker.exe |
Antivirus recommendations for inSync Storage Node | |
Folders to be excluded | C:\ProgramData\Druva C:\Program Files\Druva Storage Folders / Directories |
Processes to be excluded | inSyncNodeMaster.exe inSyncNodeMasterCfg.exe inSyncNodeMasterSVC.exe inSyncBynamo.exe inSyncStorageMaster.exe inSyncWorker.exe |
Antivirus recommendations for inSync Edge Server | |
Folders to be excluded | C:\ProgramData\Druva C:\Program Files\Druva |
Processes to be excluded | inSyncEdgeServer.exe inSyncEdgeServerCfg.exe inSyncEdgeServerService |
Antivirus Recommendations for inSync Cloud
In case of Cloud, there are three identities from where you need to set the exclusions.
- AD Connector Server
- Cloud Cache Server
Antivirus Recommendations for AD Connector Server | |
Folders to be excluded | C:\inSyncADConnector C:\Program Files\Druva |
Processes to be excluded | inSyncADConnector.exe inSyncADConnectorCfg.exe inSyncADConnectorSVC.exe |
Antivirus Recommendations for CloudCache Server | |
Folders to be excluded | C:\Program Files\Druva C:\inSyncCacheServer Data folder Path (Contains the Data component configured on CloudCache Server) |
Processes to be excluded | inSyncCacheServer.exe inSyncCacheServerSVC.exe |
Antivirus Recommendations for inSync Client
On Windows | On Mac | On Linux | |
Folders to be excluded |
C:\ProgramData\Druva\inSync4
C:\Program Files (x86)\Druva\inSync |
/Users//Library/Application Support/inSync /Data/Application/druva/insync/contents/resources/insync/contents.MacOS /Data/Application/druva/insync/contents/resources/insync/contents.MacOS
*The above processes are hidden, however, you can run "ls -al" in the terminal and see the process. |
/opt/Druva /home/<user name>/.inSync /home/<user name>/inSync Share |
Processes to be excluded |
inSync.exe:- C:\Program Files (x86)\Druva\inSync inSyncAgent.exe:- C:\Program Files (x86)\Druva\inSync inSyncCPHwnet64.exe:- C:\Program Files (x86)\Druva\inSync\amd64 inSyncUSyncer.exe:- C:\Program Files (x86)\Druva\inSync\amd64 inSyncUpgrade.exe:- C:\Program Files (x86)\Druva\inSync |
inSyncDecommission:- /Data/Application/druva/insync/contents/resources/insync/contents.MacOS inSync:- /Data/Application/druva/insync/contents/resources/insync/contents.MacOS The above processes are hidden, however, you can run "ls -al" in the terminal and see the process. |
inSync |
For any further queries, contact Druva technical support.