Endpoint Security and Control can be installed on active/passive and active/active Windows cluster configurations. Care must be taken to ensure that certain files and folders are not scanned by either on-demand or on-access scanning.
The Endpoint Security and Control product is not cluster aware, it does not need to be cluster aware in order to protect clustered machines.
The Endpoint services run on each node of the cluster allowing it to protect each node as if it were an independent machine. On active nodes, it still has access to the shared storage devices used by applications that are cluster aware, and so it offers full protection for those applications.
Note: Endpoint Security and Control should be temporarily disabled when upgrading Windows and other major components, e.g. Exchange or SQL.
Applies to the following Sophos products and versions Sophos Endpoint Security and Control 10.8.4
These exclusions apply to on-access and on-demand scanning.
Microsoft Knowledgebase article 250355 gives more information on running anti-virus software on Windows clusters.
Endpoint Security and Control on-access scanning should be temporarily disabled when
NOTE: Sophos strongly advises users to regularly check Microsoft guidance on anti-virus software and Windows clusters.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.