Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

Third party AV client on the SEPM server

Created: 21 Jan 2013 • Updated: 21 Jan 2013 | 7 comments
S_K's picture
This issue has been solved. See solution.

Hello,

For one of our customers we have 2 environments, servers with 3rd party AV client installed (with its management console) and workstations with SEP client and managed by SEPM.

Of course, on the server where SEPM is installed we don't have SEP client but 3rd party AV. So I need to know which files/folders on the SEPM server should be excluded from scan. I found one article (http://www.symantec.com/business/support/index?page=content&id=TECH194432) but are there another files and folders that I have to exclude, for example LiveUpdate folder containing lucomserver....exe. luall.exe etc, or the Inetpub/Content folder?

Regards

Comments 7 CommentsJump to latest comment

pete_4u2002's picture

the link covers pretty much the all the folders.

LiveUpdate processing directories

 

Windows 2003 and Windows 2003 R2: 

  • \Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads

Windows 2008 and Windows 2008 R2:

  • \ProgramData\Symantec\LiveUpdate\Downloads
SebastianZ's picture

What is the OS of the SEPM machine? - the folders may differ depending on that. Is there any possibility to install SEP on this server instead of the 3rd party AV? SEP would have in place automatic scan folder exlusions for SEPM and the database:

http://www.symantec.com/business/support/index?pag...

Ashish-Sharma's picture

 

 

HI,

You can exlcude all SEPM file and folders.

It's available in C:\Program Files\Symantec..

Why you are using 3 rd party AV if SEP provide all level security

If you are install sep client it's automatic exclude all sep releated files and folders..

 

About the automatic exclusion of files and folders for Microsoft Exchange server and Symantec products

Article:TECH102400  | Created: 2007-01-02  | Updated: 2013-01-04  | Article URL http://www.symantec.com/docs/TECH102400
 

 

 

Note :Automatic Exclusion when applicable it's installed default location (C: Drive).If you are installed in different location you can manually added in Exclusion list

Thanks In Advance

Ashish Sharma

 

 

S_K's picture

It is requirement from the customer that servers are with another AV and workstations with SEP. Isn't it a risk if the whole SEPM directory is excluded from scan?

Ashish-Sharma's picture

NO,It's not a risk but when you can't exclude our sepm directory may be another third party av catch the sepm file as a virus.

It's bettwe you can exclude all SEPM directory.

Thanks In Advance

Ashish Sharma

 

 

.Brian's picture

Any time you exclude something from a scan, there is a risk. However, some directories contain so much activity that it needs to be excluded due to performance. Malware will typically look to install itself in temp locations or the system32 folder. I believe the risk will be minimal excluding the SEPM directory.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
S_K's picture

thanks, then I will exclude it