Information regarding best practices for Anti-Virus scanning and configuration for UIM/Nimsoft installation and uninterrupted operations.

Any UIM Release

The UIM/Nimsoft application needs to read and write files continually on local drives. Log file, queues, configuration files and licenses all require read / write activity.

If this activity is delayed, by virus scanning, an application can timeout. 

***Under ideal circumstances you should EXCLUDE the Nimsoft root directory and all sub-directories from being scanned.***

If that is not possible, you can use these more specific directories:

UIM/Nimsoft Primary Hub Server

Nimsoft / probes

Nimsoft / hub

Nimsoft / archive

Nimsoft / robot

Nimsoft / niscache

Nimsoft / Unified Reporter or CABI

Nimsoft / UMP

Nimsoft / install

Nimsoft / SLM

Nimsoft / NIS

Nimsoft / jre

Nimsoft Robot Server

Nimsoft / robot

Nimsoft / probes

Nimsoft / jre

UMP Robot

Nimsoft / wasp as well...

Active anti-virus scanners slow down UMP installation significantly. Before you begin installation, turn off any anti-virus scanning on the Primary Hub Server.

For servers being monitored:

We recommend excluding the UIM/Nimsoft probe processes from the active scan.

There is no other workaround for this if there are 'aggressive' AV scans running against Nimsoft files and folders.

For each Nimsoft administrator/Windows user running the Infrastructure Manager client application. %Temp%\util

Note that if a program is blocked, most of the time either a scan/scan logs will identify what is being blocked, event log will show crashes, exceptions, hangs, or ONLY Informational messages BUT it could be interfering, e.g., Carbon Black/Bit9 will block a program and then report it in the event log. Notes regarding UIM/Nimsoft installations: Firewalls and Virus Scanners - you must shut down any anti-virus software before installing the Nimsoft Server. You may also want to shut down the firewall. While this is not always necessary, it will maximize your chance for a fail-safe installation. Important: Remember to turn the firewall and anti-virus software back on after you have finished the Nimsoft Server installation. If you elect to keep your firewall running during installation, you must minimally observe the following:

■ The port between the Nimsoft Server and the database server must be open. ■ Specify a starting port during the Nimsoft Server installation. The recommended default is port 48000. ■ Ensure that an adequate range of ports are open (for example, ports 48000 through 48020). Minimally the first three ports assigned must be open (controller, spooler, hub).

The port used for distsrv is dynamically assigned.

Note that in general, a security scan usually finds and logs whatever executables/programs are being put in question/filtered/blocked.

The UIM help documentation on ports and protocols may be helpful to your security team as well: Firewall Port Reference