We also use CA & VSE 8.8. We noticed a leak when we went from 8.7 p4 to 8.8 rtw. We are hoping that 8.8 p1 fixes the problem.
Also, we included the CA agent software in a low-risk processes policy for all our DCs & Exchange servers.
Thank god, we are not alone
First of all, thanks for contributing, as McAfee-website-wide, there is no entry at all for servers with VirusScan and Quest Change Auditor!
We did the same step from 8.7 p4 to 8.8 without patch with memory leaks and returned to 8.7 p4 !!! Last week I installed p5 for 8.7 and I got the same memory leaks! That was really bad! It turned out that 8.7 p5 uses same technologies as 8.8 according to McAfee support. I noticed there are some advises from Quest to exclude some processes in Buffer Overrun section (when using Antivirus software according to Quest release notes) and I excluded those processes but without great success, the memory leaks remained.
You were talking about including CA agent software in a low-risk process policy. Could you please further inform me, what you exactly did?
We set the option in the Default Processes Policy to use separate High-/Low- Risk Process policies. Then created a special Low-Risk Processes Policy that includes the following processes:
And then configured the policy to only scan when these processes write, and not on read.
We also made sure that **\Quest Software\ChangeAuditor\Agent\DBScripts\ChangeAuditorAgent.sdf was never scanned by OAS.
This seemed to help with overall performance, but didn't make a difference for the memory leak.