Citrix SEP 12 Recommendations
Our XEN / Citrix administrator is referring us to this link on Citrix's website that was last updated on January 4th of this year. Below is the summary of the recommendation that is from Citrix that we are considering. My question is: Are these exceptions still required with the latest SEP 12 RU 2? or are these built in so that the client is Citrix aware? Thank you!
Exclude the pagefile from being scanned.
• Exclude the Print Spooler directory from being scanned.
• Exclude specific files and folders within the \Program Files\Citrix directory that are accessed heavily or modified frequently. Including, the Local Host Cache (imalhc.mdb). The local Resource Manager Summary Database file (RMLocalDatabase.mdb) might also need to be excluded from the \Citrix Resource Manager\LocalDB sub-directory. While entire directories can be excluded, it should be noted that this is not considered a best practice by most antivirus vendors. In high-security environments, organizations should consider excluding specific files using exact names, such as ‘imalhc.mdb’. If exact file names cannot be used, Citrix recommends using wildcard exclusions to limit the attack surface area.
• If pass-through authentication is being used, for example in a XenDesktop or Shared Hosted desktop scenario, exclude the XenApp Online Plug-in bitmap cache directory (typically %AppData%\ICAClient\Cache).