Endpoint Protection

 View Only

  • 1.  Does creating a custom Citrix exception rule nullify any default exceptions?

    Posted Jan 07, 2013 08:45 AM

    I suppose this could also apply to Exchange and other systems that SEP is programmed to take into consideration automatically...

    I have a Citrix farm and am looking at the Citrix-recommended exceptions for scanning.  After reading the Symantec Endpoint Protection 11.0 "Terminal Server and Citrix Best Practices White Paper" where is says on page 7: 

    "As per terminal servers, if you wish to run the SEP firewall on a Citrix server then it is possible to do so without any issue using the default rule set in SEP 11.0 MR2 and beyond. If, however you wish to create a custom rule set for Citrix then the following processes and communications ports should be taken into account:"

    Then it goes on to list a large number of exceptions...

    I know that SEP automatically takes into account certain system, like Exchange - knowing what to scan and what not to scan.  My question is this:  does creating a custom rule nullify the automatic exceptions that SEP already knows about?  It sure seems like that, based on my reading of that section in the white paper; otherwise, why would it say to add those exceptions only if creating a custom rule set?

     

    Many thanks,
    Mark



  • 2.  RE: Does creating a custom Citrix exception rule nullify any default exceptions?

    Posted Jan 07, 2013 08:50 AM

    Best Practices for Symantec Endpoint Protection on Citrix and Terminal Servers

     

    Article:TECH91070  |  Created: 2008-01-24  |  Updated: 2012-12-20  |  Article URL http://www.symantec.com/docs/TECH91070

     



  • 3.  RE: Does creating a custom Citrix exception rule nullify any default exceptions?

    Trusted Advisor
    Posted Jan 07, 2013 08:51 AM

    Hello,

    My question is this:  does creating a custom rule nullify the automatic exceptions that SEP already knows about?  It sure seems like that, based on my reading of that section in the white paper; otherwise, why would it say to add those exceptions only if creating a custom rule set?

    Answer:

    No, creating a custom rule does not nullify the automatic exceptions that SEP already knows about as these exceptions are by design.

    By design, Automatic Exceptions are created for MS Exchange.

    However in your case you would have to create specific excpetions over an above of MS Exchange manually.

    Hope that helps!!

     



  • 4.  RE: Does creating a custom Citrix exception rule nullify any default exceptions?

    Posted Jan 07, 2013 08:53 AM

    No, this won't affect existing exceptions, it will only add to them.



  • 5.  RE: Does creating a custom Citrix exception rule nullify any default exceptions?

    Posted Jan 07, 2013 09:15 AM

    So, in addition to whatever is not scanned by SEP as a built-in exception for Citrix, I really ought to add all of those listed in that whitepaper?

     

    Thanks,
    Mark



  • 6.  RE: Does creating a custom Citrix exception rule nullify any default exceptions?
    Best Answer

    Posted Jan 07, 2013 09:24 AM

    I don't believe SEP detects Citrix and auto adds exclusions, you will need to add these manaully.



  • 7.  RE: Does creating a custom Citrix exception rule nullify any default exceptions?

    Posted Jan 07, 2013 11:32 AM

    Thanks for the additional input  :-)

     

    Mark



  • 8.  RE: Does creating a custom Citrix exception rule nullify any default exceptions?

    Posted Jan 07, 2013 11:50 AM

    ATTN everyone who helped me with this question...

    I'm new to these forums and didn't realize that I could only give credit to one person for helping me.  I clicked on each of your answers, but only the last one that I clicked gave credit.

    I'm really sorry - I appreciate that all of you added input, but I don't know how to credit each of you  sad

     

    Mark