Data Center Security

Hello, I'm looking for a Best Practice Guide for running Data Center Security on a Citrix Server. I have searched everywhere and cannot find hardly any information about Data Center Security and Citrix. We believe some of our issues we are seeing have only started after security pushed out Data Center Agent to our Citrix Servers. There are guides for Endpoint and Citrix but not DCS.

Thanks

Some questions:

Are you using an IPS policy besides NULL?

Is prevention enabled in the IPS policy?

Do you see any Warning events in red in the DCS console?

Have your tried enabling Trivial Logging?

One way to make sure that it is not DCS policy is to apply the NULL policy and see if the block still happens..
 

To be sure, you can uninstall the agent and reboot and see if the issue still occurs.

We have uninstalled the agent and the issues did go away. Security put the agent back on and sent the logs to Symantec and they did see a lot of Citrix items being blocked. They put in exclusions and say now that it is not blocking anything citrix related. We on the Citrix Server team feel it's still doing or blocking something but security says it's not. That is why I asked if there was some best practice guide for DCS and Citrix so that we could provide that to the security team and ask that they follow these best practices. As far as what policies are set I'm not sure as I'm on the citrix team not security.

Thanks