Ah ok, I didn't realise you mean't quite that drastic. Seems like we may as well just turn "on access scan" off if we are just going to exclude the majority of the server anyway... think I will raise this with Mcafee and see if I can get a better solution. Will post back here if I get anywhere with them
Hmm unfortunately we just tried installing 8.8 and it caused none of our Citrix users to be able to log on... when they try to log in they either just get stuck on the "Running logon scripts" part or they get a Just In Time Debugger error. I uninstalled VSE 8.8 and then they could all log back on fine. I'm assuming this is an issue with VSE 8.8 and something we call in our logon scripts but will have to look into it further.
Confirmed for me as well: VSE 8.8 doesn't display any of the problems that I saw with VSE 8.7 on my Citrix servers. I'm now officially done with VSE 8.5!
VSE 8.8 does add one new problem, but it is very minor. I now see these mfehidk warnings in the server log, as per this thread: https://community.mcafee.com/thread/32189?start=0&tstart=0
Unlike some of the descriptions in that thread, I see only two mfehidk warnings logged at each daily server reboot, and they say that a fix is coming in the next Agent patch.
As problems go, this seems like a fair trade-off to me.