Caché and virus scanners
Post updated in August 2025 to include links to IRIS.
I have seen customer problems where the use of a virus scanner running over Caché or IRIS databases was causing intermittent application slowdowns and bad user response times.
This is a surprisingly common problem, so this short post is just a reminder to exclude key Caché and IRIS components from your virus scanning.
Generally, virus scanning must exclude the CACHE.DAT or IRIS.DAT database files and the InterSystems binaries. If an anti-virus is scanning *.DAT files and other InterSystems files such as journals and binaries, then system performance will be significantly impacted.
Specifically, to avoid performance problems anti-virus software must exclude InterSystems files, including the following:
- Databases (CACHE.DAT/IRIS.DAT).
- Executable in the
bindirectory, for example/iris/bin.. - Write Image Journal (WIJ).
- Journal files in the journal directory.
More details are available in the online documentation.
Comments
Murray, the documentation section you link to recommends excluding certain directories as well as specific files. This makes me nervous, as having a scanning exclusion on an entire directory surely offers a safe haven for malware to write a payload that it subsequently executes. Can you explain the reasons for excluding entire directories?
Reading the documentation it seems to be saying that you should exclude directories containing files that are actively used by Cache such as those containing databases, WIJ and journal files, etc.
It is not recommending that you disable virus scanning on all directories associated with Cache