Looking for some advice please.
I have an ePolicy Orchestrator server and i want to run VirusScan Enterprise on it. Apart from the default microsoft exceptions what else should i specificaly not scan ?
You ask a really good question. First thing is to understand how Default Processes, Low Risk and High Risk function in VS88. Here is a an article with an associated video that will help you, McAfee KnowledgeBase - Understanding High-Risk, Low-Risk, and Default processes configuration and us....
Just about any vendor that you use could entertain an exclusion. Exclusions can help prevent corruption or to improve performance on a given system. There are exclusions meant for server applications specifically as there is with workstations. Microsoft is an obvious vendor for exclusions stretching through its product portfolio and potentially any varying version of a product. Here is how I would approach t;
1. Identify which products you use in your enterprise.
2. Try to google the vendor and the product name along with antivirus. You might get some good pointers.
3. Identify which exclusions should be in which policy (default processes or low risk) and which platform (server, workstation)
4. Use syntax to cover broader exclusions in a specific location only if you are willing to assume the risk. Otherwise declare each exclusion identified.
Between Microsoft, HP, Commvault, Blackberry and any other company you might have products for, there is likely to be an exclusion in your future.
Last thought, make sure you test your exclusions out by looking at the near real-time scanner and assuring the exclusion is not being scanned.
Hope this gives you something to think about.
Also check out our master list of exclusion articles here:
and Best Practices for Virusscan 8.8: