Automic Workload Automation

 View Only
  • 1.  need guidelines for antivirus exclusions for automic components

    Posted Feb 20, 2020 04:11 AM
    Are there any knowledge documents / guidelines on what exclusions we should use for servers running automic components - Automation engine, proxy client/server, AWI, Data analytics and of course, agents?
    We are implementing Sophos AV across the enterprise and want to create exclusion policies - including exclusions for Process, Files and Directories - to the automic infra servers.


  • 2.  RE: need guidelines for antivirus exclusions for automic components

    Posted Feb 20, 2020 05:33 AM
    One:

    Don't run Sophos WebIntelligence. At all. Not by any registry keys that supposedly exclude processes from web intelligence but by disabling the component entirely. It's kernel components caused obscure crashes of the agents that took us two ​years to find the root cause of, with little to no help from Automic or Sophos. That was with 10.x but I have no reason to believe it has been rectified. Like with most anti virus "solutions", the vendors just kept passing the blame back and forth.

    Source:

    https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=817333

    Two:

    Be prepared for Automic denying any support requests when they find out you are using Sophos. They used to have a KB article that told you that Sophos needs to be purged entirely from the AE system. I can not find that article at this time, maybe it vanished with the CA/Broadcom changes, but at least consider that you once heard it said that they might pull that out in response to support requests, whether actually related to Sophos or not.

    As for other exclusions, I can't comment much since we run our engine on Linux with no Sophos. Only our agents run on Windows, they seem to do fine with the presence of Sophos as long as WebIntelligence is utterly disabled. Even if your engine is on Windows my gut feeling is that you'd not be seeing much performance impact by having Sophos real-time scans for the memory parts, but I've never seen any benchmarks either way.

    Hth,


  • 3.  RE: need guidelines for antivirus exclusions for automic components
    Best Answer

    Posted Feb 20, 2020 05:40 AM
    ​Oh, the good news is, the KB article used to be here:

    https://automic.force.com/support/CommunityArticleDetail?id=ka3b0000000kBWQ

    Since Automic is no longer hosting at SalesForce, that link doesn't load anymore, so the chances of Automic whipping this out in response to a support request are lowered.

    The bad news is, I had that ammended with the information on Automic and WebIntelligence, and that valuable statement of "official" character has possibly then also vanished along with the SalesForce-hosted KB.


  • 4.  RE: need guidelines for antivirus exclusions for automic components

    Posted Feb 20, 2020 09:44 PM
    Thank you for these details Carsten. I will take them into account during the roll-out.
    Malathy


  • 5.  RE: need guidelines for antivirus exclusions for automic components

    Posted Feb 21, 2020 04:50 AM
    You're welcome :)​