Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

Arellia recommends that the following antivirus exclusions be added in order to maintain application performance and integrity.

These guidelines apply to both Real-Time and On-Demand antivirus scanning.

Arellia Management Server

Exclude the following antivirus programs for the AMS.

Temporary ASP.NET Files

This directory should be excluded to prevent degradation in performance and possible unexpected restarts of the Ams and AmsWorker IIS application pools:

  • %SYSTEMROOT%\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files

Database server

Exclude the following antivirus programs for databases.

SQL server data files

These files contain the data in the Databases and typically have the following extensions:

  • .mdf - Primary Data filegroups
  • .ndf - Secondary Data filegroups
  • .ldf - Transaction Log filegroups

SQL server backup files

These files contain the backup files and typically have the following extensions:

  • .bak - Database backup files
  • .trn - Transaction Log backup files

By default the directories that contain the Data and Backup files are located under C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL.

SQL profiler trace files

These files contain SQL Profiler Trace log data and can be contained in any folder.

They usually have the file extension .trc.

Managed endpoints

Exclude the following antivirus programs for managed endpoints.

Request Run As Administrator registry key

Arellia Application Control installs a context menu item that allows executables to be "Request Run as Administrator".

This context menu is added under the following registry key which some Antivirus programs incorrectly flag as malware:

  • HKLM\SOFTWARE\Classes\exefile\Shell

Client item database

This directory contains the Arellia Agent client item database and should be excluded from antivirus to prevent corruption:

  • %ProgramData%\Arellia\ClientItems
    • If required you can further limit this exclusion to all files with the .db and .db-* extensions under this location

Miscellaneous agent databases

This directory contains other internal databases used by the Arellia Agent such as the file hash cache and running process cache:

  • %ProgramData%\Arellia\Agent
    • If required you can further define this exclusion to all files with the .db and .db-* extensions under this location.

Arellia Application Control agent service

Some antivirus products require that the Arellia Application Control service be excluded from tamper protection rules.

This is due to the fact that Application Control manipulates other applications which AV may mistake as malicious.

  • C:\Program Files\Arellia\Agents\ApplicationControl\ArelliaACSvc.exe 

For more information on how to configure Symantec Endpoint Protection refer to KB article Enable Arellia Application Control Solution and Symantec Endpoint Protection (SEP).

 

  • No labels