There's not many server-end systems that don't need exclusions. On XenApp, without a particular set of them you can't get EdgeSight working effectively, either - and if you use AppSense agents, you need to configure another particular set of exclusions, even on client endpoints.
The days of the reactive AV are coming to an end, I think. Application management stops more threats for us these days than traditional AV ever does. I'm tempted to run a few systems *without *standard AV, but my current emplyer won't let me take the risk, even for an experiment :-) On 24 August 2011 14:07, Michael B. Smith <mich...@smithcons.com> wrote: > BTW #3, not entering exclusions in an A/V product running on an Exchange > Server can also really foul up the works.**** > > ** ** > > BTW #4, not entering exclusions in an A/V product running on a SQL Server > can also really foul up the works.**** > > ** ** > > And your other comment is spot on! J**** > > ** ** > > Regards,**** > > ** ** > > Michael B. Smith**** > > Consultant and Exchange MVP**** > > http://TheEssentialExchange.com**** > > ** ** > > *From:* Webster [mailto:webs...@carlwebster.com] > *Sent:* Wednesday, August 24, 2011 9:01 AM > > *To:* NT System Admin Issues > *Subject:* RE: Symantec Endpoint Protection and Exclusions**** > > ** ** > > Tried that. Gave up. Found some posts saying in the managed version of > SEP that there is no way to export the exclusion stuff. This customer had > decided on the unmanaged version of SEP 12.1. Decisions like that make me > glad I charge by the hour! J I wound up just manually entering the > exclusions on all six Citrix XenApp servers.**** > > ** ** > > BTW #1, not entering exclusions in an A/V product running on a XenApp > server can really screw things up. They installed SEP 12.1 on all XenApp > servers over the weekend and didn’t tell me they were even planning on such > a thing. Monday morning all you know what broke loose when users were > getting corrupted profile, couldn’t log off and sessions would never > terminate and their main accounting app’s executable kept being blocked so > no one could do any accounting work. 12 man-hours later they were back > running.**** > > ** ** > > BTW #2, not entering exclusions in an A/V product running on a Domain > Controller can also really foul up the works.**** > > ** ** > > ID10T issues like this keep MBS and me in business.**** > > ** ** > > Thanks**** > > ** ** > > ** ** > > Carl Webster**** > > Consultant and Citrix Technology Professional**** > > http://www.CarlWebster.com <http://www.carlwebster.com/>**** > > ** ** > > ** ** > > *From:* Pete Howard [mailto:pchow...@yahoo.com] > *Sent:* Wednesday, August 24, 2011 7:51 AM > *To:* NT System Admin Issues > *Subject:* Re: Symantec Endpoint Protection and Exclusions**** > > ** ** > > You may have access to the key but not Regedit perms. Try importing from an > elevated cmd prompt ? > > Sent from my iPad**** > > > On Aug 23, 2011, at 11:58 PM, Webster <webs...@carlwebster.com> wrote:**** > > My GoogleFu is failing me. Is there a way to copy the Exclusions from > one computer to another? I found the registry key:**** > > **** > > [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint > Protection\AV\Exclusions]**** > > **** > > I exported it but when I try to import the .reg file, I get an access > denied. I gave my account FC permission to the key but still a no-go. Any > clues?**** > > **** > > Thanks**** > > **** > > **** > > Carl Webster**** > > Consultant and Citrix Technology Professional**** > > http://www.CarlWebster.com**** > > **** > > **** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ****** IMPORTANT INFORMATION/DISCLAIMER ***** This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress...... * * The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. * * In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets** ** At Home yesterday. * * We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! * * The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
