hi guys im working now with several servers in my enterprise organization like ( exchange , adfs , sccm ,scom , and others) and part of the policy at my organization is the implementation of the McAfee agent on the servers , my question is whether Microsoft a Best Practice for defining the McAfee policy on the servers so that they do not utilize more resources like cpu and memory ? , for example one time the Sccm server start to overuse his cpu and working on the server was very slow , we discovered later that mcafee was the cause to that because he was scanning all the sccm files and there were a lot , so we needed to configure his policy to do not scan some areas .
hope you guys can help me .
have a good day .
The agent itself does no scanning. I will move this over to the ens team.
Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Microsoft has some lists for each of their products of recommended antivirus exclusions.
Main consolidated list of articles: https://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list....
We have the following KB on how to improve performance when using ENS:
Note that if you are using ENS with the scan option "Let McAfee Decide" then you will not need to implement many exclusions at all, as these have all been embedded into the product by our Trust Model.
I refer to the following KB: https://kc.mcafee.com/corporate/index?page=content&id=KB66909
"IMPORTANT: The Microsoft exclusions and McAfee applications listed in this article are not needed for ENS if you select the option Let McAfee Decide when choosing when to scan files with the on-access scanner. For more information about how the option Let McAfee Decide uses the AMCore trust model for scan avoidance, see the community post at: https://community.mcafee.com/t5/Documents/Explanation-of-AMCore-Trust-Model-v1p3-pdf/ta-p/550630."
For any vendor specific recommendations though, you would need to ask the vendor themselves - in this case Microsoft. We can only advise on settings for our products.