Endpoint Protection

As per registry key below SEP failed to enable automatic exceptions for exchange - is anyone aware of it? From SEP 14.3 RU1 MP1 exceptions are not visible in registry, making it hard to justify expected exclusions are working or not unless debugging is enabled - which can be very time consuming to investigate. Is there any KB article with list of exchange files/folders that SEP's automatic exclusions should contain?

Based on initial research noticed SEP missing out a lot of exchange files and folders. Also missing out Queue & IP filter database, checkpoint, and log files if they are on different drive.    

HKLM\Software\WOW6432node\Symantec\Symantec Endpoint Protection\AV\Exclusions\Exchange Server\NoScanDir

• E:\Program Files\Microsoft\Exchange Server\Mailbox=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Mailbox\Mailroot\vsi 1\BadMail=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Mailbox\Mailroot\vsi 1\PickUp=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Mailbox\Mailroot\vsi 1\Queue=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\Connectivity=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\PipelineTracing=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\ProtocolLog\SmtpReceive=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\ProtocolLog\SmtpSend=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\Routing=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\MessageTracking=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Pickup=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Replay=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Logging\Managed Folder Assistant=dword:00000000

As per registry key below SEP failed to enable automatic exceptions for exchange - is anyone aware of it? From SEP 14.3 RU1 MP1 exceptions are not visible in registry, making it hard to justify expected exclusions are working or not unless debugging is enabled - which can be very time consuming to investigate. Is there any KB article with list of exchange files/folders that SEP's automatic exclusions should contain?

Based on initial research noticed SEP missing out a lot of exchange files and folders. Also missing out Queue & IP filter database, checkpoint, and log files if they are on different drive.    

HKLM\Software\WOW6432node\Symantec\Symantec Endpoint Protection\AV\Exclusions\Exchange Server\NoScanDir

• E:\Program Files\Microsoft\Exchange Server\Mailbox=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Mailbox\Mailroot\vsi 1\BadMail=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Mailbox\Mailroot\vsi 1\PickUp=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Mailbox\Mailroot\vsi 1\Queue=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\Connectivity=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\PipelineTracing=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\ProtocolLog\SmtpReceive=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\ProtocolLog\SmtpSend=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\Hub\Routing=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\MessageTracking=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Pickup=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\TransportRoles\Replay=dword:00000000
• E:\Program Files\Microsoft\Exchange Server\Logging\Managed Folder Assistant=dword:00000000