Sophos Anti-Virus for Mac Home Edition

turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
Advisor
Specimen
Posts: 20
Registered: ‎07-23-2011
0
Accepted Solution

Excluding /Library/Sophos Anti-Virus/ from Time Machine backups

[ Edited ]
Options

‎07-23-2011 07:14 AM - edited ‎07-23-2011 12:45 PM

Whenever Sophos AV gets updated and that's more than once a day the files in the folder /Library/Sophos Anti-Virus/ are modified, this in turn makes Time Machine backup around 60 MB to 100 MB of virus definitions everytime it runs. This fills my Time Machine disk with useless versions of virus definition files.

 

So my idea is to exclude the /Library/Sophos Anti-Virus/ folder, but how safe is it? Does Sophos AV automatically recreate it and download the files if the folder is missing? Specifically, if I have to restore my whole system from a time machine backup without the VDL folder, how will Sophos AV handle the situation?

 

What I would really like to see would be Sophos AV excluding VDL files automatically from backup and have in place a routine that would refetch all needed files that were not backed up. 

 

[Edited to change /Library/Sophos Anti-Virus/VDL to /Library/Sophos Anti-Virus/ since not only the VDL dir is updated]

Report Inappropriate Content
Message 1 of 4 (932 Views)
 
Reply
Employee Agile
Employee
Agile
Posts: 1,191
Registered: ‎11-02-2010

Re: Excluding /Library/Sophos Anti-Virus/ from Time Machine backups

Options

‎07-25-2011 09:38 AM

Hello Specimen,

Thank you for thinking about this issue!  Most daily updates should be significantly smaller than 100MB (closer to 30MB), but they definitely add up.

Excluding that folder might not be the best option, but excluding /Library/Sophos Anti-Virus/IDE and /Library/Sophos Anti-Virus/VDL will exclude your data updates.  These folders do indeed get rebuilt, and are perfectly safe to exclude.  To test, just move those folders to somewhere else on your system and select Update Now from the shield menu to see how it impacts the system.

-
Andrew
Threat Researcher
SophosLabs

For our other self-service and peer-to-peer online support systems:

Report Inappropriate Content
Message 2 of 4 (909 Views)
 
Reply
Advisor
Specimen
Posts: 20
Registered: ‎07-23-2011
0

Re: Excluding /Library/Sophos Anti-Virus/ from Time Machine backups

Options

‎07-25-2011 10:35 AM

Hello Agile,

 

You're welcome!

So, I used 'sudo mv' to move IDE and VDL, then I ran the update, and indeed the two dirs were recreated with the same size as the ones I had moved elsewhere (About 5.1 MB for /IDE and 60.7 for /VDL). But the update was extremely quickly and what was downloaded from the server was just two small (incremental updates?) files. So I'm guessing those 65.8 MB must have come from somewhere else? Some cache? If this cache isn't present, after a system restore from Time Machine that didn't backup /IDE and /VDL, in a system, what happens?  

Report Inappropriate Content
Message 3 of 4 (906 Views)
 
Reply
Employee Agile
Employee
Agile
Posts: 1,191
Registered: ‎11-02-2010
0

Re: Excluding /Library/Sophos Anti-Virus/ from Time Machine backups

Options

‎07-25-2011 11:21 AM

The VDL files are generated by the engine itself, based on the data downloaded and what's in the cache.  If the caches are also purged, it'll just mean more data gets downloaded in the update.  Other than the larger monthly updates and the product version updates, the incremental  downloaded updates should be only a few MB and installed to the IDE folder.

-
Andrew
Threat Researcher
SophosLabs

For our other self-service and peer-to-peer online support systems:

Report Inappropriate Content
Message 4 of 4 (902 Views)
 
Reply