Deploying ESET Security for Microsoft SharePoint Server: Step-by-Step Setup
Protecting Microsoft SharePoint Server requires a solution that balances strong security, low performance impact, and smooth integration with your existing infrastructure. ESET Security for Microsoft SharePoint Server is designed to scan files and content stored in SharePoint, block malware, and reduce the risk of infected content spreading across the organization. This article walks through planning, prerequisites, installation, configuration, testing, and maintenance for a reliable deployment.
Why protect SharePoint Server?
SharePoint is a common target because it centrally stores documents and often integrates with email, collaboration tools, and external users. Threats relevant to SharePoint include:
- Malicious file uploads (executables, scripts, macros)
- Infected document propagation through shared links and sync clients
- Supply-chain or third-party app compromises exposing storage
- Ransomware and targeted file-encryption attacks
ESET Security for Microsoft SharePoint Server provides on-access (real-time) and on-demand scanning of files hosted on SharePoint, with signature plus heuristic detection to reduce both known and emerging threats.
Planning your deployment
Assess your environment
- Inventory SharePoint topology (single server, farm, or distributed), versions (e.g., SharePoint Server 2016, 2019, or SharePoint Server Subscription Edition), and OS versions.
- Determine expected load: number of users, average file sizes, and peak upload rates. This affects scanning performance and hardware sizing.
- Identify integration points: Web Front Ends (WFEs), application servers, database servers, and any reverse proxies or load balancers. ESET for SharePoint typically runs on the servers hosting SharePoint services and the file system where content is stored.
Determine deployment mode
- On-access scanning (real-time) for immediate protection.
- On-demand scanning for periodic or scheduled full scans of content repositories.
- Hybrid approach combining both.
Hardware and performance considerations
- Ensure sufficient CPU and memory on SharePoint servers or dedicated scanning nodes. Scanning imposes CPU and I/O overhead—test to find optimal thread counts and exclusions.
- Disk I/O: scanning large files and many concurrent requests increases read/write operations. Use fast storage and consider dedicating storage for content databases.
Licensing and versions
- Confirm you have appropriate ESET licenses for SharePoint Server. Check compatibility between ESET product versions and your SharePoint/Windows Server versions before deployment.
Prerequisites
- Administrative access to the SharePoint servers where ESET will be installed.
- .NET Framework and Windows updates required by both SharePoint and ESET.
- Ensure SharePoint services are healthy and backups exist in case rollback is needed.
- Disable conflicting security products or configure exclusions to avoid interference.
- Network access to ESET update servers (or local repository for updates) so virus signatures and engine updates can be applied.
Installation: step-by-step
Note: these are general steps. Follow the official ESET product documentation and release notes for exact commands and GUI flows for your ESET product version.
1. Obtain installer and license
   - Download the ESET Security for Microsoft SharePoint Server installer from the ESET Business portal or your vendor.
   - Keep your license key or activation credentials ready.
2. Prepare servers
   - Log in with an account that has local administrator privileges.
   - If deploying to a farm, decide on which servers will run the ESET scanner (commonly application servers or dedicated scanning nodes). WFEs may also run scanners depending on architecture.
3. Run the installer
   - Execute the ESET installer on each chosen server. Accept prompts and input license information when requested.
   - Choose default or custom installation paths as appropriate.
4. Configure update sources
   - Configure update settings to use ESET LiveGrid and automatic updates, or a local update server (mirroring) for air-gapped or bandwidth-restricted environments.
5. Configure scanning preferences
   - Enable on-access (real-time) scanning: set behavior for file access, uploads, and downloads.
   - Set on-demand scanning schedules for content databases or file-system locations used by SharePoint (for example, the content database mount points or file share locations).
   - Configure file types and size limits for scanning. Consider excluding extremely large binary files or specific temporary paths to reduce latency.
6. Set exclusions carefully
   - Exclude SharePoint database .mdf/.ldf files and SQL Server data files from on-access antivirus scanning when recommended by Microsoft—scanning databases directly can cause corruption or performance issues. Instead, scan files at the file-system level where SharePoint stores uploaded content (e.g., virus scanning on the Web front ends or on the file share used by SharePoint).
   - Exclude ESET processes and services, and any backup software file locks, per vendor guidance.
7. Configure quarantine and alerts
   - Set quarantine location and retention policy.
   - Configure email or SIEM alerts for detection events; integrate with your incident response workflow.
8. (Optional) Central management
   - If you use ESET Protect or another centralized ESET console, register the SharePoint nodes to the console for policy management, reporting, and centralized updates. Deploy policies that align with SharePoint needs (scan policies, exclusions, update schedules).
Configuration recommendations and best practices
- Use selective scanning: prioritize scanning of uploads, downloads, and new files rather than re-scanning content stored in databases frequently.
- Configure throttling/CPU limits and scheduling to reduce impact during peak business hours. Consider scanning large repositories during off-hours.
- Maintain a small set of well-documented exclusions. Over-excluding reduces protection; under-excluding increases risk to availability.
- Keep ESET engines and signatures updated automatically. Test engine updates in a staging environment if you have a large farm.
- Ensure logging is centralized (send logs to SIEM) and that detection events are actionable.
- Implement file-type restrictions at the SharePoint level (block risky extensions) in addition to antivirus scanning.
- Test rollback and restoration procedures from backups to ensure recovery in case of false positives or other incidents.
Testing and validation
1. Functional tests
   - Upload clean sample documents and those with known test malware (e.g., EICAR test file) to verify detection and quarantine. Do not use real malware in production.
   - Test various file sizes and types to confirm scanning behavior and latency.
2. Performance tests
   - Measure page load times, upload times, and CPU/memory utilization before and after enabling scanning.
   - Simulate peak load to observe impact and tune thread/scan settings as needed.
3. Failover and recovery tests
   - Validate SharePoint functionality when ESET services are stopped/restarted. Ensure no data corruption occurs.
   - Check backup/restore operations while ESET scanning is active.
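The functional tests above can be scripted so every run uses the same inputs. The PowerShell below is an added example, not part of the original article or of ESET's tooling: it writes clean files of several sizes plus the standard EICAR test file into a directory, then reports which files survived and how long each clean write took. The function names, the `sp-av-test` folder and the default sizes are assumptions; point `-TargetDir` at a location your scanner covers, or upload the generated files to a test library.

```powershell
function Test-CanOpen([string]$Path) {
    # A quarantined, deleted or access-blocked file cannot be opened for reading.
    try { $s = [IO.File]::OpenRead($Path); $s.Dispose(); $true } catch { $false }
}

function Invoke-ScanFunctionalTest {
    param(
        # Assumption: a directory the scanner covers; defaults to a temp folder.
        [string]$TargetDir = (Join-Path $env:TEMP 'sp-av-test'),
        [int[]]$CleanSizesKB = @(1, 1024, 10240),
        [int]$SettleSeconds = 5
    )
    New-Item -ItemType Directory -Path $TargetDir -Force | Out-Null

    # Clean files of increasing size: each must survive; write time exposes scan latency.
    $cases = @(foreach ($kb in $CleanSizesKB) {
        $file = Join-Path $TargetDir "clean-${kb}KB.bin"
        [byte[]]$data = New-Object byte[] ($kb * 1KB)
        $ms = (Measure-Command { [IO.File]::WriteAllBytes($file, $data) }).TotalMilliseconds
        [pscustomobject]@{ File = $file; Expected = 'kept'; WriteMs = [int]$ms }
    })

    # Standard EICAR test string, held in two pieces so saving this script does not
    # itself trigger a detection.
    $eicar = 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-' + 'STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'
    $eicarFile = Join-Path $TargetDir 'eicar.com'
    try { [IO.File]::WriteAllText($eicarFile, $eicar, [Text.Encoding]::ASCII) }
    catch { }   # a blocked write counts as a detection
    $cases += [pscustomobject]@{ File = $eicarFile; Expected = 'blocked'; WriteMs = $null }

    Start-Sleep -Seconds $SettleSeconds   # give the scanner time to act
    foreach ($c in $cases) {
        $observed = if (Test-CanOpen $c.File) { 'kept' } else { 'blocked' }
        [pscustomobject]@{
            File = Split-Path $c.File -Leaf; WriteMs = $c.WriteMs
            Expected = $c.Expected; Observed = $observed; Pass = ($observed -eq $c.Expected)
        }
    }
}

Invoke-ScanFunctionalTest | Format-Table -AutoSize
```

Run it once before enabling scanning and once after: the `WriteMs` column gives a like-for-like latency comparison, and a `Pass` of `False` on `eicar.com` means the location is not being scanned.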
Monitoring, incident response, and maintenance
- Monitor alerts and logs daily for signs of infection or performance degradation.
- Respond to detections per your incident response plan: isolate affected content, review user activity, and restore from clean backups if needed.
- Regularly review and update exclusions and policies based on operational experience.
- Keep documentation of deployment details (server names, exclusion list, policies, update schedules) for audits and troubleshooting.
- Schedule periodic re-tests (quarterly) and review ESET and SharePoint updates for compatibility changes.
Troubleshooting common issues
- Increased latency on uploads/downloads: reduce scanning concurrency, enable file size limits, or move scanning to off-peak windows.
- False positives blocking legitimate content: review quarantined files, create targeted exclusions, and submit samples to ESET for analysis if needed.
- Conflicts with SQL Server or backups: ensure database files are excluded per Microsoft/ESET guidance and scan only the content files or repositories.
- Update failures: verify network access to update servers, firewall rules, and proxy settings; consider using a local mirror.
Example minimal exclusion list (illustrative — adapt to your environment)
- SQL Server database files (.mdf, .ldf) — exclude from on-access scanning if advised.
- SharePoint cache and temporary directories used by IIS/SharePoint services.
- ESET service executables and update folders.
- Backup application temporary working directories.
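An exclusion list like the one above is easier to keep small and documented when it is reviewed mechanically. The PowerShell below is an added example, not part of the original article and not an ESET export format: it audits a constructed CSV inventory (the `Path`, `Reason` and `Owner` columns, the sample rows and the function names are all assumptions) and flags entries that are over-broad or undocumented.

```powershell
# Constructed sample inventory; the CSV columns (Path, Reason, Owner) are a hypothetical layout.
$inventoryCsv = @'
Path,Reason,Owner
D:\SQLData\*.mdf,SQL Server data files,dba-team
D:\SQLData\*.ldf,SQL Server log files,dba-team
E:\BackupWork\*,Backup application working directory,backup-team
C:\*,,
*.docm,Slow uploads,
C:\Users\Public\Staging\*,Staging area,sp-admins
'@

# File types users upload to SharePoint; exempting them defeats the point of the scanner.
$uploadTypes = 'doc','docx','docm','xls','xlsx','xlsm','pdf','zip','exe','js','vbs','ps1'

function Test-ExclusionEntry {
    param([Parameter(Mandatory)] $Entry)
    $path = $Entry.Path.Trim()
    $findings = @()

    # Drive root or drive-wide wildcard: scanning is off for the whole volume.
    if ($path -match '^[A-Za-z]:\\?\*?$') { $findings += 'excludes an entire volume' }
    # No directory component: the rule applies everywhere on the server.
    if ($path -notmatch '\\') { $findings += 'not anchored to a directory' }
    # The excluded extension is one that users upload.
    if ($path -match '\.(\w+)$' -and $uploadTypes -contains $Matches[1]) {
        $findings += "exempts uploadable file type .$($Matches[1])"
    }
    # Profile directories are writable by ordinary users.
    if ($path -match '\\Users\\') { $findings += 'covers a user-writable location' }
    # Documented exclusions need both a reason and an owner.
    if ([string]::IsNullOrWhiteSpace($Entry.Reason) -or [string]::IsNullOrWhiteSpace($Entry.Owner)) {
        $findings += 'missing reason or owner'
    }
    [pscustomobject]@{ Path = $path; Findings = $findings }
}

function Get-ExclusionAudit {
    param([Parameter(Mandatory)] [string]$Csv)
    $Csv | ConvertFrom-Csv |
        ForEach-Object { Test-ExclusionEntry -Entry $_ } |
        Where-Object { $_.Findings.Count -gt 0 }
}

Get-ExclusionAudit -Csv $inventoryCsv |
    ForEach-Object { '{0}  ->  {1}' -f $_.Path, ($_.Findings -join '; ') }
```

With the sample rows, the three database and backup entries pass, while `C:\*`, `*.docm` and the `C:\Users\Public\Staging\*` entry are reported with the reason each one was flagged.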
Wrap-up
A careful deployment of ESET Security for Microsoft SharePoint Server balances protection with SharePoint performance and availability. The key steps are planning and sizing, following vendor and Microsoft guidance for exclusions and compatibility, testing thoroughly, and using centralized management and monitoring to keep the environment healthy. With appropriate configuration and ongoing maintenance, ESET can significantly reduce the risk of malware spreading through SharePoint while preserving user experience.