AntiVirus Solution for SharePoint 2013 and some tweaks for smooth scan operations

AntiVirus Solution for SharePoint 2013 and some tweaks for smooth scan operations

With recent implementation of antivirus solution on one of my SharePoint 2013 large farm, I have experienced its do's and dont's and would like to share with everyone:

1. Use SharePoint Farm account to run Antivirus service on SharePoint, so that all access permission related issues are ruled out.
2. If we see increase in number of timeout errors or warnings during antivirus real-time scan or manual scan,  Increase No. of threads to 10 and timeout to 600 seconds. Default is 5 and 300 resp.
3. Do Not install Symantec Protection for SharePoint servers on Non-WFE servers and limit it to WFE and CA.
4. If you see antivirus database is flood with rescan requests, disable auto re-scan option and work with vendor support to cleanup re-scan request.
5. Disable Scanning on server which perform Site upgrade timer job. Especially if you have brand new SharePoint site, you can disable it. 
6. To avoid scan of safe extension files or known filetypes, add a key “SkipExtensionsNoScanner” in the registry at“HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\AVScanner” and specify value as extensions