We have a Windows Server 2012 R2 web server running IIS 8.5 hosting a number of ASP.NET applications each in their own app pool. The server was originally specced to cope with expected load, but since then the client has also insisted on installing McAfee antivirus. We've excluded the application directories from the on-demand scanning mechanism.
We're finding that when the applications start up for the first time we're seeing particularly high (too high) CPU load. The two processes that are hogging the CPU are alternately Visual C# Command Line Compiler (csc.exe) and McAfee On-Access Scanner Service (mcshield.exe).
I would expect csc.exe to be pretty high on CPU during initial compilation of a restarting ASP.NET application, but I'm concerned that McAfee is interfering and making this process take longer and hurt the CPU more. Has anyone had similar experience?
If so, are there any other specific directories that I should be excluding from the scan? Or is it more correct to be recommending against antivirus on web servers?
If not, then is there anything I can do to prevent such a load on CPU during application startup?
No comments:
Post a Comment