Endpoint Protection

 View Only

  • 1.  File-Level Antivirus Scanning on Exchange 2007 and other Vendor exceptions

    Posted Aug 08, 2012 01:01 PM

    I have searched the Symantec site and cannot get a complete picture on how Symantec implements Microsoft's recommended exceptions. Do I need to worry about creating Exceptions for exchange 2007, or other Microsoft Products, or has has Symantec already reviewed the all of Microsoft’s recommendations and implemented them for me. I see a lot of discussions asking how to configure these recommendations, and a couple of articles on domain controllers saying Symantec accounted for for these recommendations. Can we get a definitive answer as to whether or not we need to configure these exceptions or that Symantec has done their homework and created the appropriate exceptions for us?  And how do these exceptions apply to other systems, if you are excluding *.log behind the sense's for Windows DC, do I need to exclude these on SQL servers? Does Symantec have a recommended list of exceptions the customer needs to create?

     The other issue with Exceptions in endpoint protection is that exception are a wide brush, you cannot create exclude “a list of file extension in a directory on a specific server(s)”, without creating a client group for each server or set of servers you need an explicit exception for, and the interface does not allow the comments to document why you created the exception and what issues you are trying to solve.



  • 2.  RE: File-Level Antivirus Scanning on Exchange 2007 and other Vendor exceptions

    Posted Aug 08, 2012 01:13 PM

    Have you seen this:

    About the automatic exclusion of files and folders for Microsoft Exchange server and Symantec products

    http://www.symantec.com/business/support/index?page=content&id=TECH102400&locale=en_US

    Does the upgrade of a Server to a Domain Controller Automatically create the necessary exception for the Active Directory ?

    http://www.symantec.com/business/support/index?page=content&id=TECH95886&locale=en_US

     

    For a definitive answer, you'll probably need to call Symantec.



  • 3.  RE: File-Level Antivirus Scanning on Exchange 2007 and other Vendor exceptions

    Posted Aug 08, 2012 01:33 PM

    I did not see the exchange, thanks,



  • 4.  RE: File-Level Antivirus Scanning on Exchange 2007 and other Vendor exceptions

    Trusted Advisor
    Posted Aug 08, 2012 01:42 PM

    Hello,

    Check these Articles:

    Best Practices for Installing Symantec Endpoint Protection (SEP) on Windows Servers

    http://www.symantec.com/docs/TECH92440

    About the automatic exclusion of files and folders for Microsoft Exchange server and Symantec products

    http://www.symantec.com/docs/TECH102400

    How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory

    http://www.symantec.com/docs/TECH105814

    Preventing Symantec Endpoint Protection 11.0 from scanning the Microsoft Exchange 2007 directory structure

    http://www.symantec.com/docs/TECH102249

    Preventing Symantec Endpoint Protection 11.0 from scanning the Microsoft Exchange 2010 directory structure

    http://www.symantec.com/business/support/index?page=content&id=TECH97707&locale=en_US

    Configuring Symantec Endpoint Protection 11.0 exclusions for Microsoft Forefront

    http://www.symantec.com/docs/TECH106465

    Exclusions required to run Symantec Endpoint Protection with Windows SharePoint Services 3.0 or SharePoint Server 3.0

    http://www.symantec.com/docs/TECH91287

    How to exclude SQL files and folders using Centralized Exceptions

    http://www.symantec.com/docs/TECH105240

    What scan exclusions could be applied to an Oracle database server running Symantec Antivirus or Symantec Endpoint Protection

    http://www.symantec.com/docs/TECH134383

    Guidelines for choosing antivirus software to run on the computers that are running SQL Server

    http://support.microsoft.com/kb/309422

    For Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, and Windows 2000 domain controllers 

    http://support.microsoft.com/default.aspx?kbid=822158

    Hope that helps!!



  • 5.  RE: File-Level Antivirus Scanning on Exchange 2007 and other Vendor exceptions

    Posted Aug 08, 2012 04:48 PM

    Hi Mithun.

    This post of yours is well worth book marking / saving to Favourites.



  • 6.  RE: File-Level Antivirus Scanning on Exchange 2007 and other Vendor exceptions

    Posted Aug 08, 2012 07:11 PM

    Do I need to worry about creating Exceptions for exchange 2007, or other Microsoft Products, or has has Symantec already reviewed the all of Microsoft’s recommendations and implemented them for me.

    Allow me to confirm, as an Exchange admin and SEP admin: the most recent releases of SEP 11 and all SEP 12.1 releases will automatically detect the presence of MS Exchange and create the necessary exclusions.

    The only cases in which manual exclusions are necessary are when Exchange is not installed to a default location, and in case the Symantec Mail Security for MS Exchange product is installed (exclude the SMSMSE directory, just in case).

    "Thumbs up" to the official articles referenced above!

    Hope this helps! &: )