Symantec Protection Engine (SPE) functions fail to work as expected at times when local Antivirus is installed. Symptoms may include a large number of Generic/24 and Decomposer/24 errors in the daily log files of SPE. When SPE is scanning files for NetApp Filers, file access may be excessively slow or blocked due to timeouts between the SPE and NetApp Filer.
Local antivirus (such as SEP) can sometimes interfere with essential files and folders within the installation directory. These interferences can cause the following:
Configure your Antivirus software to exclude SPE's installation directory listed below. If you have installed SPE into a directory other than default, replace these paths with the ones you used:
Windows
C:\Program Files\Symantec\Scan Engine\
Linux
/opt/SYMCScan/
In addition, if your real-time antivirus client also scans RPC traffic, create an exclusion for the ONTAP_ADMIN$ share of each NetApp Filer which SPE supports as a member of NetApp Filer's antivirus scanning pool for VSCAN. This exclusion is only needed for machines where SPE is set to use RPC protocol and the FilerPerformerThreshold set to a non-zero value.
These exclusions may also work for SPE 7.x and SPE 8.x prior to build 8.2.2, but BROADCOM no longer supports builds earlier than 8.2.2. In such cases, scheduling an upgrade is recommended as well.
Reference: Symantec Protection Engine End of Service (EOS) dates by versions