Verifying Endpoint Protection exceptions for Windows Server 2008 and Windows Server 2003 Domain Controllers

book

Article ID: 177910

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP)

Microsoft Windows 2008 or Microsoft Windows 2003 servers are acting as Domain Controllers in an Active Directory environment. What files and folders need to be excluded from Symantec Endpoint Protection's AV scanning so that SEP won’t impact the Domain Controller performance?

 

Resolution

The Symantec Endpoint Protection client software automatically detects the presence of certain third-party applications: Active Directory Domain Controller is one such application. After the SEP client detects that it is running on a Domain Controller (DC), it automatically creates the necessary exclusions for sensitive files and folders. These files and folders are excluded from all antivirus and antispyware scans.


  • Steps to verify the exclusions for Domain Controllers:
    1. Start Run
    2. Type Regedit
    3. Browse to the registry key:

    Windows 2003 32bit
    • HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller

    Windows 2008 64bit
    • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller





    Symantec recommends that you examine the Microsoft article below for additional exclusions.

    Virus scanning recommendations for computers that are running Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows 2000, Windows XP, or Windows Vista
    http://support.microsoft.com/kb/822158




  •  
  •  
  •  

 


References
How to Create Scanning Exceptions for both Managed and Unmanaged Symantec Endpoint Protection Clients

 

How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory


 

 

Attachments