Dear Partner,
Assuming the symantec endpoint has been push down to several serves including AD, Exchange, SQL Server....etc
How do I configure on the EndPoint projectION Manager to exclude those Active Directory and SQL below as an example.
How can this be configure and when you do an exclude, how does the endpoint project know that you are exclude server1(AD) or server4(sql server)? How can this configuraiton be done.
Thanks
Active Directory
Active Directory and related files to exclude
• Main NTDS database files. The location of these files is specified in:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\DSA Database File
The default location is %systemroot%\ntds.
File to exclude:
• Ntds.dit
• Active Directory transaction log files. The log directory on any given server is specified in:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Database Log Files Path
The default location is %systemroot%\ntds.
Files to exclude:
• EDB*.log (Notice the wildcard symbol; there can be several log files.)
• Edbres00001.jrs
• Edbres00001.jrs
• The NTDS Working folder that is specified in:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\DSA Working Directory
Files to exclude:
• TEMP.edb
• EDB.chk
SYSVOL files to exclude
The list in the following table shows the default locations of files and folders to be excluded or scanned for the SYSVOL directory and subdirectories when you use FRS to replicate SYSVOL.
Important
If you have placed SYSVOL in another location, then exclude the appropriate path for your installation.
Folder or File Scan or Exclude
%systemroot%\SYSVOL Exclude
%systemroot%\SYSVOL\domain Scan
%systemroot%\SYSVOL\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory Exclude
%systemroot%\SYSVOL\domain\policies Scan
%systemroot%\SYSVOL\domain\scripts Scan
%systemroot%\SYSVOL\staging Exclude
%systemroot%\SYSVOL\staging areas Exclude
%systemroot%\SYSVOL\sysvol Exclude
FRS and related files to exclude
• The FRS working directory that is specified in:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Working Directory
Files to exclude:
• <FRS working directory>\jet\sys\edb.chk
• <FRS working directory>\jet\ntfrs.jdb
• <FRS Working Directory>\jet\log\*.log
• The FRS database log files that are specified in:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NtFrs\Parameters\DB Log File Directory
The default location is %systemroot%\ntds.
Files to exclude:
• <FRS working directory>\jet\log\*.log (if the registry entry is not set)
• <Database log file directory>\log\*.log (if the registry entry is set)
• FRS Replica_root files that are specified in:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NtFrs\Parameters\Replica Sets\GUID\Replica Set Root
• The staging directory in:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NtFrs\Parameters\Replica Sets\GUID\Replica Set Stage
• The FRS Preinstall directory at:
<Replica_root>\DO_NOT_REMOVE_NtFrs_PreInstall_Directory.
The Preinstall directory is always open when FRS is running.
DFS Replication and related files to exclude
• System Volume Information\DFSR folders and their contents (includes DFSR.DB). This system-protected directory contains working files for the DFS Replication service. It should not be scanned because these files are always in use by the service.
• <Replicated folder path>\dfsrprivate folders and their contents
SQL Server
Directories to exclude from virus scanning
When you configure your antivirus software settings, make sure that you exclude the following files and directories from virus scanning. Doing this improves the performance of the files and helps make sure that the files are not locked when the SQL Server service must use them. However, if these files become infected, your antivirus software will not unable to detect the infection.
SQL Server data files
These files usually have one of the following file name extensions:
.mdf
.ldf
.ndf
SQL Server backup files
These files frequently have one of the following file name extensions:
.bak
.trn
Full-Text catalog files
The directory that holds Analysis Services data