To ensure security, TrendMiner allows virus scanners to be installed and run alongside the TrendMiner application, but only on single-node deployments and under certain conditions.
While antivirus software is an important security measure, it is crucial to note that TrendMiner's performance is closely tied to I/O performance as the application builds a time series index using many small local files, grouped into time-based structures. Virus scanners, particularly those that scan all disk I/O, may still cause performance degradation or failures in some cases.
Important Considerations:
Performance Impact: Antivirus processes that scan disk I/O can introduce delays, potentially affecting TrendMiner’s responsiveness.
In extreme cases, this may cause system failures, such as:
- User experience degradation due to slower I/O performance and CPU/Memory spikes caused by the antivirus software.
- Delays in monitoring events, due to slower indexing related to slower I/O performance.
- TrendMiner upgrades failing due to permission checks timing out or other delays.
Troubleshooting: In the event of performance issues or system failures, virus scanners should be temporarily disabled to rule them out as a potential cause.
Exclusions: To minimize performance impact, the /mnt/data volume must be excluded from scanning.
Security Risks
The risk of malware exposure on a TrendMiner installation is minimal. It is not possible to upload arbitrary files to the TrendMiner applications, let alone executables. The only attack vector is uploading a TrendMiner install/update package, but an attacker having admin access is itself already considered a security breach.
To allow TrendMiner admins to validate the integrity of the upgrade packages, checksums for these packages are provided on the TrendMiner download site.
Recommended antivirus configuration
For customers where security policies require running antivirus software, please ensure the following:
- The /mnt/data volume is excluded from scanning.
- In case of any performance degradation, disable the antivirus to rule it out as a cause.
- Contact TrendMiner support for further assistance and potential mitigation strategies.