Preventing Symantec Endpoint Protection from scanning the Microsoft Exchange 2007 directory structure

Article:TECH102249  |  Created: 2007-01-26  |  Updated: 2013-01-04  |  Article URL http://www.symantec.com/docs/TECH102249
Article Type
Technical Solution


Issue



What are the the recommended exclusions for Symantec Endpoint Protection (SEP) client on an Exchange 2007 Server?


Solution



Exchange 2007 can be installed with several different roles. As each role should have different exclusions, exclusions should be based on the roles you have installed.

Symantec Endpoint Protection's Exchange 2007 automatic exclusions detect the mailbox role and set the required base exclusions.

In a clustered environment, you must make additional exclusions manually.

Symantec recommends that you exclude the quorum disk, the %Winnt%\Cluster folder, and the file share witness which is located on another server in the environment, typically on the Hub Transport server.

For more information on how to make these exclusions manually, please see How to add a Security Risk Exception in the Endpoint Protection Manager.

For a list of recommended exclusions for Exchange 2007, read the Microsoft TechNet article File-Level Antivirus Scanning on Exchange 2007.

Technical Information
The Symantec Endpoint Protection client software creates file and folder scan exclusions for the following Microsoft Exchange server versions:

  • Exchange 5.5
  • Exchange 2000
  • Exchange 2003
  • Exchange 2007
  • Exchange 2010

Symantec recommends that the Exchange server's OS always be protected by the latest available release of SEP.  The Exchange server's message flow and Information Store must be protected by a dedicated mail security product, such as Symantec Mail Security for Microsoft Exchange




Legacy ID



2007072619121148


Article URL http://www.symantec.com/docs/TECH102249


Terms of use for this information are found in Legal Notices