We are upgrading UIM to 20.4 on this Sunday 20th march. We do not have antivirus running on UIM servers but have Crowdstrike running on them. Will it also need to be in disabled state?
Release : 20.3
Component : UIM - INSTALL
Crowdstrike Falcon may be blocking, filtering, or detecting and blocking what it thinks is 'malware' and hence my interfere with the UIM install process.
During installation/upgrades, please ask the Security team to temporarily disable any/all Anti-Virus as this may interfere with the installation process.
This includes and extends to any/all security applications installed locally on the Windows, Linux or UNIX server that may interfere through blocking, filtering, or the need for ‘whitelisting’ of DX UIM components, connections or message traffic.
If the antivirus application cannot be disabled, then you MUST ensure that the installer application and all Nimsoft programs, directories/files are completely excluded from Anti-Virus scanning before and during the upgrade. After the upgrade is complete you can normally re-enable Anti-Virus.
AntiVirus - UIM, UMP, CABI and Operator Console pre-install and operational requirements
As an example of how CrowdStrike may interfere with the UIM install, Crowdstrike may detect one or more files as malicious under the Nimsoft directory, e.g., presence of the file "7za.exe.tmp" in the directory "Program Files (x86)\Nimsoft\robot\pkg\temp\7za.exe.tmp" on 1 or more multiple servers.