ArcGIS Enterprise and Antivirus Software

Kathleen_Crombez · ‎08-21-2024

I am looking for a new Antivirus Solution for ArcGIS Enterprise.

Let me know what you are using!

CodyPatterson · ‎08-21-2024

My company uses SentinelOne as AV, personally, I've had no issue installing and using the various ArcGIS Enterprise software while this AV is active. I previously worked for IT in the same company, and have found the AV to be quite reliable, I would personally recommend it.

Cody

Kathleen_Crombez · ‎08-21-2024

@CodyPatterson-

Thank you for the information!

Did you have to configure all the exceptions as recommended in the ArcGIS Antivirus Guidance

From my past experience most anti-virus software is destructive to the ArcGIS Enterprise suite and makes installation/upgrades downright impossible while the software is active. So I am really happy to receive a recommendation from someone with both GIS and IT experience.

Thank you again!

Kathleen

CodyPatterson · ‎08-21-2024

Hey @Kathleen_Crombez

Currently, none of the exceptions were made in my AV when assembling ArcGIS Enterprise. We do not exclude any file from being scanned and these scans that take place have not caused any significant strain on the servers that host the environment. I can definitely understand an AV causing issues, as I've worked with quite a few, but this one is quite straight forward! I've had no issues with false positives as well.

Cody

GregoryCarson · ‎08-21-2024

We have used Crowdstrike in the past and now use Cortex without any issues.

Kathleen_Crombez · ‎08-21-2024

@GregoryCarson-

Thank you!

Was there a reason you switched from CrowdStrike to Cortex? Do you notice any benefits or downsides from one to the other in comparison?

Any issues with installation or upgrades?

Thanks again!

Kathleen

GregoryCarson · ‎08-21-2024

We were purchased by a bigger company and change to Cortex was due to parent company. I did not do anything to our Esri servers with Crowdstrike or Cortex, as neither of them caused any issues. (We have numerous ArcGIS servers (10.8.1 to 11.3) federated to our 11.3 portal)

MarceloMarques · ‎08-21-2024

@Kathleen_Crombez

Sophos, CrowdStrike

New Technical Paper: Considerations for configuring antivirus software for ArcGIS Enterprise hosts (...

| Marcelo Marques | Esri Principal Product Engineer | Cloud & Database Administrator | OCP - Oracle Certified Professional | "In 1992, I embarked on my journey with Esri Technology, and since 1997, I have been working with ArcSDE Geodatabases, right from its initial release. Over the past 32 years, my passion for GIS has only grown stronger." | “ I do not fear computers. I fear the lack of them." Isaac Isimov |

Kathleen_Crombez · ‎08-21-2024

@MarceloMarques-

Thank you for the link. I have seen this post in the past but they have updated the link for the ArcGIS Antivirus Guidance document.

Are Sophos and CrowdStrike both tested and used in production at ESRI?

Do you notice any benefits or downsides from one to the other in comparison?

Thanks again,

Kathleen

MarceloMarques · ‎08-21-2024

Are Sophos and CrowdStrike both tested and used in production at ESRI?

Yes, we use it internally and have customers that use it too.

Do you notice any benefits or downsides from one to the other in comparison?

Your IT department will have to evaluate that but usually price is the decision factor.

| Marcelo Marques | Esri Principal Product Engineer | Cloud & Database Administrator | OCP - Oracle Certified Professional | "In 1992, I embarked on my journey with Esri Technology, and since 1997, I have been working with ArcSDE Geodatabases, right from its initial release. Over the past 32 years, my passion for GIS has only grown stronger." | “ I do not fear computers. I fear the lack of them." Isaac Isimov |