Yes, I know this has been asked before, but what is the current ideal config:
1. On access turned on for workstations and off for servers (daily scans instead)
2. on access turned off for workstations (daily scans instead) and on for servers
3. on access on for all

Some people have said don't use on access on servers
Some have said use only scan on write on servers
Some have just said exclude certain folders (eg SIMS folders or folding containing SQL server files)

Is there something definitive?
For us we need to consider the following:
Mixture of servers: 2003 and 2008, 32-bit and 64-bit
A couple of ISA servers
Some physical and a large number of Hyper-V servers
Sophos anti-virus on servers
McAfee Total Protection on workstations (yes, I know McAfee is rubbish, but it is supplied by the LEA - to make matters worse we have NO access to the Admin Console for it either)