It may seem counterintuitive to advise against antivirus, but some servers don’t actually need it. If the server doesn’t connect to the outside world and doesn’t have any interaction from non-admin users, what do you need antivirus for? In fact, in many cases antivirus may actually hurt the performance and stability of your server. Crazy, right?!
If you set up the server properly, patch it regularly, and maintain good security practices, you usually don’t need antivirus. In fact, antivirus can sometimes make you more vulnerable, because hackers can exploit vulnerabilities in the antivirus software as well as vulnerabilities in the operating system to access your server. More vulnerabilities equal more opportunities for hackers.
Now, I did say “most” servers don’t need antivirus, which means that there are some instances when you WILL need antivirus. So which servers should have antivirus and which servers shouldn’t? Here’s a simple breakdown:
If you’re setting up a new server: Make sure to wait until you’ve done all your configuration and have installed all the software or server roles before adding any antivirus so that it doesn’t block any registry or system file changes (and trust me, it will block stuff).
If you’re adding software: First of all, make sure you’re adding software from a trusted source (says Captain Obvious). If you’re adding software to a server that has antivirus already, make sure to disable all the AV features before adding the software or you'll encounter the same issue mentioned above. Then, don’t forget to re-enable the AV features.
If you need an AV Solution: Most importantly, you don’t want to use a generic one-size-fits-all antivirus solution on your servers. If there’s antivirus made specifically for the software on your server, use that. It may cost more, but trust us, it’s worth it because that generic stuff isn’t going to offer you much protection. For some of the servers above, it's actually better to have no antivirus at all than to have a generic solution.
You remember the story of the three little pigs? The first two pigs were schmucks and used cheap materials to build their homes. Using generic AV is like using sticks and straw to keep out the big bad wolf...it's not going to help you much. If you’re going to put in the time, money, and effort to build a house (or to install antivirus), you might as well make it good.