Change the file scanning mode to scan a file only when the file is opened. By default, the application scans a file when something attempts to open it, and scan it again when something attempts to close it, if the file was modified. You can change the file scanning mode in the File Threat Protection settings:
Locally on the device using the following command:
kesl-control --set-set 1 ScanByAccessType=Open
Changes made to the file after it is opened are not scanned until the next opening of the file.
Make sure that archive scanning is disabled (default value). Scanning archives impacts performance because access to the archive file is blocked while the file is being unpacked to the /tmp temporary directory and scanned. The definition of archive includes traditional archives as well as packaged objects such as .jar.
You can enable or disable archive scanning using the Web Console or Administration Console (the Scan archives setting) or locally on the device using the command line (the ScanArchived setting).
To optimize scan tasks (tasks of the ODS and ContainerScan types), you can:
Schedule scan tasks so that they do not overlap. The application allows running scan tasks simultaneously, but this may significantly increase resource consumption. Check the schedule of all ODS and ContainerScan tasks locally on the device or in Kaspersky Security Center.
Run the scan at a time when the server load is minimal.
Make sure that the scope of the scan tasks does not include remote directories mounted on the device via SMB and NFS. We recommend scanning such directories directly on the device that provides the resource. If this is not possible, do not perform the scan on servers that run critical services, because such a task may take quite a long time (depending on the connection speed and the number of files).