Bloodhound detections on DoubleTake server
I keep getting bloodhound detections in data replicated from a remote server to a DoubleTake server. Both servers have a SEP11 cleint installed.
The DT server has the DT program and queue folders excluded, and also the drives where the replicated data is copied to are excluded by drive letter.
However the detections seem to happen at a lower level than that of Windows drive letters, eg \Device\HarddiskDmVolumes\PhysicalDmVolumes\BlockVolume7\replicated_files\document.doc
So some questions:
1. Can I exclude that location in a policy the same way I would for a drive letter?
2. Why is this detection happening at all - is there a problem with the way SEP11 interacts with DT
3. Is it better to just disable bloodhound on the DT servers?