What exclusions should be considered for SMP 7.5 to function correctly with an anti-virus solution installed?

book

Article ID: 160949

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

What exclusions are necessary for Symantec Management Platform (SMP) 7.5 to function correctly with an anti-virus solution installed?

Resolution

The following folders in c:\ProgramData\Symantec\SMP\EventQueue should be excluded from active protection in the AV client:

EvtInbox
EvtQFast
EvtQLarge
EvtQPriority
EvtQSlow
EvtQueue
Temp

 

Note: The files in the EvtInbox folder are zero-footprint inventory files from client machines
Note: The files in the EvtQ* folders were generally used for inventory and notification data from client machines in 7.1, and are legacy in 7.5.
Note: The files in the Temp folder are temporary files that the system is using

As well, in certain situations you should consider for exclusion the Windows %temp% folder, typically found at C:\Windows\Temp, but its location can change for some of the Windows operating systems. In this folder, exclude .tmp files

Note:
These .tmp files can be .nse files that IIS may temporarily store (either created, compressed or uncompressed) at this location before placing them in the NScap queues.

If SQL is on the same computer as the Notification Server, consider excluding the database files (files with extensions of .ldf, .mdf, and .bak).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Disclaimer: Symantec Management Platform and ITMS testing is being performed without third party software installed.

The recommendations in the KB are provided as is based on our experience and updated if further issues surface.


Applies To

Symantec Management Platform 7.5, 7.5 SP1