Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
455 Views 1 Reply Latest reply: Apr 26, 2013 6:13 AM by Attila Polinger RSS
Don_Martin Apprentice 104 posts since
Nov 11, 2010
Currently Being Moderated

Apr 25, 2013 8:36 AM

Where to look for "VirusScan Exclusion Monitor" for GS7.x?

Hello,

 

due to a severe error within our clustered exchange environment we need to clarify wether or not missing exclusions in VSE could be the reason for the error. According to KB51471 there is a monitor, specifically checking essential exclusions:

 

 

Out of KB51471

 

"VirusScan Exclusion Monitor
GroupShield 7.x and MSME 7.6 have a component called the VirusScan Exclusion Monitor which monitors the GroupShield-related exclusions that exist in the VirusScan configuration every three to four minutes. If the necessary exclusions are not present, the monitor adds them to the VirusScan configuration. This ensures that when either GSE or MSME is running on an Exchange server protected by VirusScan, the relevant GroupShield-related exclusions are always in place. Typically, the exclusions cover things such as the GroupShield Postgres database and quarantine folders, and temporary working folders."

 

 

I would like to know where to look for this monitor and if this one is working as it should be. As far as I understand the whole KB-article article there "could" be made some extra exclusions like the mentioned but the REALLY important one's are strictly checked by this monitoring routine and automatically added.

 

Regards

  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009

    Hello,

     

    my understanding from the article is that such a component is a bultin system function ( and just named to have a distingushing name). Also my understanding as to its function from the article is that it only monitors the exclusions specified in the article. So there are no article exclusions and also other, really important (but not disclosed) exclusions.

     

    However I'd check if there are VirusScan exclusions enforced by ePO agent on the Exchange server and if that means overwriting all relevant exclusions (including the ones set by that Exclusion Monitor) with the exclusions specified in the VSE ePO policy. This also raises the question of exclusion specification syntax in ePO, whether it is properly specified or not. Or even the exclusion syntax that Exclusion Monitor adds.

     

    Attila

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points