cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
beastman
Level 7
Report Inappropriate Content
Message 1 of 2

One Policy for exclusions vs Multiple Policies

We have multiple policies for excluding files/processes and I am wondering, what is the drawback of having only one policy. When it comes to a change the majority of servers are under one policy for exclusions but then we have some broken down i.e. SQL, Citrix, Carbon Black. When I need to make an exclusion to all servers I need to touch each of the policies. Having just one policy for exclusions would give me that ability to only do it at one place compared to multiple. Thanks
1 Reply
cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: One Policy for exclusions vs Multiple Policies

It all depends on how many exclusions you are talking about.  The longer the list of exclusions, the scanner has to parse through them continuously for on access scanning to determine whether a file or folder needs to be scanned or not.  I would suggest having maybe 2-4 policies, depending on the server type.  Example, epo doesn't really need any, but I typically exclude the events folder and log file types.  Sql server has its own low risk and file type exclusions needed, same with an Exchange server.  Keeping just a basic server type policy that can apply to multiple server types, but still be scaled down for efficiency, can improve overall performance.  You shouldn't need more than a few, which isn't too bad for policy maintenance.  Extremely large policies are also known to cause high cpu issues with the agent when the agent is trying to apply and enforce the large policy set.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community