Yes, but beware of impacts to connectivity speeds and performance. There are a few things to consider when using Antivirus software on a Platform server and client workstations.
Performance Considerations
Antivirus programs trade performance from disk, CPU, and network resources for varying levels of protection against malicious software of many kinds. Because the Platform servers are designed to provide high-end disk and network performance, use of some Antivirus programs may degrade performance below acceptable levels, especially when connected via 10GbE networking.
For maximum performance, it's recommended to isolate the Platform and it's clients from outside networks and only use the included Microsoft Defender AV software on the system.
General Recommendations
If you must install 3rd Party Antivirus on your server and/or workstations, please consider the following recommendations (options will vary between various AV products but most have some reference to these basic settings):
- Disable real-time scanning of network traffic on high bandwidth machines
- Disable real-time scanning on volumes that contain Media Cache or scratch disks
- Disable real-time scanning on volumes that are used for mass file creation (render spaces, transcodes, etc.)
- Disable heuristics
- Create exemptions for the Platform folders in "C:\Program Files (x86)\ProMAX\" folder on the Server
- Create exemptions for the Platform Listener Client in the C:\Program Files (x86)\ProMAX\" folder on Windows based workstations
- Create exemptions for the Promax Listener Client App in MacOS based workstations.
Known Issues with Antivirus
Malware Bytes
Recent versions have quarantined and removed components of the Platform Listener client software that are required for a proper connection and performance. It is recommended to exempt the Platform Client listener folder on Windows based PCs from scanning.
Symantec Endpoint
Symantec Endpoint has been demonstrated to cause performance issues on 10GbE connected clients and is currently not recommended for deployment on Platform Servers or high bandwidth 10GbE connected workstations.
Sentinel One
Sentinel One security software flags almost all the Kendo .js files in the inetpub/wwroot folder as threats and quarantines them. This essentially removes the Platform Web UI.