Skip to main content

Configuring Third-Party Software to Work in Conjunction with InterSystems Products

InterSystems products often run in environments alongside other providers, where interactions between our products and such tools can have deleterious effects. InterSystems guidance about optimal, reliable configurations for deployment presume that our products can be deployed without interference from third-party tools. For instance, InterSystems has observed that software for security, system monitoring, or virus scanning may impact the installation, performance, and functionality of our products. This is particularly true for tools, such as virus scanners, that directly interact with files that are part of or are used by InterSystems products.

InterSystems understands that customers face business, compliance, and other requirements that impact decisions about what software runs in a given environment and how such software is configured.

Virus scanner considerations:

  1. To deliver virus-checked software, InterSystems products are delivered out of a sanitized environment to our customers, and InterSystems provides a checksum for verification.

  2. Scanners may report false positives for InterSystems products during installation or at runtime. InterSystems has no control over the findings of third-party security products like virus scanners. Please consult with the vendor of the product you are using for documentation details and guidance.

  3. It is possible that scanners may detect false positives for virus patterns on InterSystems processes, and they may respond with actions such as file isolation or even deletion. These actions can have potentially catastrophic impact, especially if performed while the instance is running. Files that are modified rapidly, such as databases, journals, etc., have a higher probability of presenting such patterns.

  4. Near constant or very high frequency scans on large files (such as databases) very likely will have a considerable impact on the overall performance of InterSystems products.

  5. In accordance with your own risk assessments, you may wish to adjust scanning for the following files and directories:

    • The WIJ file and the directory containing the WIJ file; this directory varies based on configuration settings. See the “Write Image Journaling and Recovery” page.

    • All database files (.DAT) and directories containing database files; these vary based on configuration settings. See the “Configuring Databases” page.

      • Any directory in which journal files are stored or processed; this directory varies based on configuration settings. See the “Journaling” page.

    • Any other file or directory that is actively required for InterSystems IRIS® data platform to function; again, these vary based on configuration settings. Examples include the alternate journal directory (as described on the “Journaling” page), or any directory being used by a business service or production.

    Long-term or permanent exclusions of files from virus scanners might increase the risk of getting “infected.”

Caution:

EXCLUDING ITEMS FROM MALWARE SCANS MAY INTRODUCE VULNERABILITIES INTO PROTECTED DEVICES AND APPLICATIONS. THE CLIENT ASSUMES ALL RESPONSIBILITY FOR CONFIGURING MALWARE PROTECTION.

FeedbackOpens in a new tab