Recommended Anti-virus exclusions for Symantec Management Platform and Agents
search cancel

Recommended Anti-virus exclusions for Symantec Management Platform and Agents

book

Article ID: 155410

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite

Issue/Introduction

What exclusions are needed for the Symantec Management Agent to function correctly with an anti-virus software, such as Symantec Endpoint Protection, when installed on the same machine?

Environment

ITMS 8.x

Resolution

The following folders can be excluded from anti-virus active protection:

On All Altiris Agents:

<InstallDrive>:\Program Files\Altiris\ and all sub folders
C:\ProgramData\Symantec\Symantec Agent\ and all sub folders

On SMP / NS:

C:\ProgramData\Symantec\SMP\EventQueue and all subfoldersNote: For All OS versions the users profile temp folder as well as the system temp folder can be also excluded.
In certain situations you should consider for excluding the Windows %temp% folder, typically found at C:\Windows\Temp, but its location can change for some of the Windows operating systems. In this folder, exclude .tmp files.
These .tmp files can be .nse files that IIS may temporarily store (either created, compressed or uncompressed) at this location before placing them in the Event queues.

  • A consideration to exclude the <install drive>:\Program Files\Altiris\Symantec Installation Manager\Installs\Altiris folder for .msi files can be made if the AV client will modify or block the .msi files used for installations.
  • If SQL is on the same computer as the Notification Server, consider excluding the database files (files with extensions of .ldf, .mdf, and .bak).

MAC and Linux machines:

MAC / Linux machines follows the same logic as far as file types to exclude. For example, you may want to exclude the agent logs:

Mac & Linux:

opt/altiris/notification/nsagent/var/aex-client.log

or just the full agent directory:

opt/altiris/

opt/altiris/notification/nsagent/

Temporary files created for events can be considered as well:

  • /tmp/*.nse
  • /tmp/syminvdata.out

----------------------------------------------------------------------------

Disclaimer: Symantec Management Platform and ITMS testing is being performed without third party software installed.

The recommendations in this article are provided  based on our experience and can be updated along with the product evolution.

Additional Information

Powered by Wolken Software