Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

  • 1.  Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Aug 27, 2009 11:07 PM
    Hi,
    Can I use  SEP 11 MR4 MP2 in domain cotroller and exchange server?
    Anyone installed it in domain cotroller and exchange server?
    Everything works fine?
    Thanks.

    Regards,
    Lily


  • 2.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Aug 28, 2009 12:44 AM
    Hi Lily,

    I moved your post to the correct forum (SEP/AV) for better exposure. In the future, be sure to post here instead of in the SEP SBE forum.


    Regards,
    Thomas


  • 3.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Aug 28, 2009 03:43 AM

    SEP works great on Exchange and Domian Controllers. I have installed SEP in atleast 100s of them.
    one thing to take into consideration before installing is.
    Make sure you do not have any strict policies configured for your SEP Firewall..or test your firewall policies once in test environment before installing SEP with firewall on domain/exchange servers.
    Or if you don't want a firewall.Install only Antivirus and Antispyware feature of SEP and it will work great,,

    Critical exchange files and folder are automatically excluded by sep antivirus scan so that it won't harm your exchange and a DC won't require any addtional configuration.



  • 4.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Aug 28, 2009 04:00 AM
    Virus scanning recommendations for computers that are running Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows 2000, Windows XP, or Windows Vista

    http://support.microsoft.com/kb/822158


  • 5.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Aug 28, 2009 06:05 AM

    Yes SEP works on DC , Exchange servers, There are no issues with that. Above all it creates automatic exclusions so that we don't have to create excluiosn for DC and Exchange

     

     
    SEP client creates automatic exclusion for :
    1.       Exchange server
    2.       Active Directory domain controller database
    3.       Database
     This is by design.
     
    Automatic exclusion of Active Directory files and folders

     
    The client monitors the applications that are installed on the client computer. If the software detects Active Directory on the client computer, the software automatically creates the exclusions.
    The client software creates file and folder exclusions for the Active Directory domain controller database, logs, and working files.

     



  • 6.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Aug 28, 2009 06:56 AM

    SEP works fine on DC, you install the SEP client on DC or Exchange it creates necessary exlcusions in the registrty, i posted this in one of my earliest posts..here the list of exclusions for DC

    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller]
    "HaveExceptionFiles"=dword:00000001
    "HaveExceptionDirs"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller\FileExceptions]
    "C:\\WINDOWS\\NTDS\\EDB.chk"=dword:00000000
    "C:\\WINDOWS\\NTDS\\edb.log"=dword:00000000
    "C:\\WINDOWS\\NTDS\\edb00001.log"=dword:00000000
    "C:\\WINDOWS\\NTDS\\edb00002.log"=dword:00000000
    "C:\\WINDOWS\\NTDS\\edb00003.log"=dword:00000000
    "C:\\WINDOWS\\NTDS\\ntds.dit"=dword:00000000
    "C:\\WINDOWS\\NTDS\\RES1.log"=dword:00000000
    "C:\\WINDOWS\\NTDS\\RES2.log"=dword:00000000
    "C:\\WINDOWS\\NTDS\\TEMP.edb"=dword:00000000
    "C:\\WINDOWS\\ntfrs\\jet\\log\\edb.log"=dword:00000000
    "C:\\WINDOWS\\ntfrs\\jet\\log\\res1.log"=dword:00000000
    "C:\\WINDOWS\\ntfrs\\jet\\log\\res2.log"=dword:00000000
    "C:\\WINDOWS\\ntfrs\\jet\\Ntfrs.jdb"=dword:00000000
    "C:\\WINDOWS\\ntfrs\\jet\\sys\\edb.chk"=dword:00000000

    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller\NoScanDir]
    "C:\\WINDOWS\\SYSVOL"=dword:00000000
    "c:\\windows\\sysvol\\domain\\DO_NOT_REMOVE_NtFrs_PreInstall_Directory"=dword:00000001
    "c:\\windows\\sysvol\\staging"=dword:00000001
    "C:\\WINDOWS\\SYSVOL\\staging areas"=dword:00000001
    "C:\\WINDOWS\\SYSVOL\\sysvol"=dword:00000001

     The SEP client software is 'smart' enough to know that exclusions should be made for Exchange servers. The below document notes this, and adds some additional information for other Symantec producsts like Symantec Mail Security for MSE.

    http://service1.symantec.com/support/ent-security....

    from the post

    https://www-secure.symantec.com/connect/forums/installing-sep-exchange-server

     



  • 7.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?
    Best Answer

    Posted Aug 28, 2009 07:11 AM
    Hi,

    when creating package, for domain controller or exchange server then

    remove Protactive threat protection and Network threat protection

    this will solve your problem.


  • 8.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Aug 30, 2009 11:36 PM
    thanks for all your replies.
    I will install it and come back here later to update the information.


  • 9.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Sep 24, 2009 02:21 AM
    it works fine if i disable network protection.
    thanks again.


  • 10.  RE: Can I use SEP 11 MR4 MP2 in domain cotroller and exchange server?

    Posted Sep 24, 2009 10:16 AM
    Automatic detection of exceptions is great. However, we discovered that not all necessary files to exclude are actually excluded on Windows 2008 Domain Controllers. NTDS database extensions are .jdb for the database and .jrs for the log files but SEP seems to  exclude the edbxxxxxx.log files insted of the.jrs files.