Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Security

Anti Virus Exclusion Guidelines for Microsoft Products

Running a good, constantly updated Anti-Virus program on your computers – server and workstations – is a must when looking into the potential risks in today’s IT world. However, when installing Anti-Virus software on a computer, you also risk having issues with some of the services and applications that run on these computers, most specially with the server machines. Anti-Virus software scans and sometimes locks files on the computers, and when you scan these files, performance and operating system reliability problems may occur because of file locking.

This is why it is extremely important to properly configure the Anti-Virus software to exclude specific files, file type and/or folders on the computers (most importantly – server machines) with an anti virus exclusion.

However, please note: When possible, try not exclude files based on the file name extension. For example, try not exclude all files that have a .dit or .vhd extensions. Of course this may not always be possible, but do try to be as specific as possible with any anti virus exclusion . In addition, try to exclude specific files and not entire folders. Excluding an entire folder maybe simpler but may not provide as much protection as excluding specific files based on file names.

With that said, enclosed is a comprehensive list of services and or software and links to articles that describe the proper Microsoft recommendations for configuring anti-Virus software that runs on servers hosting them.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

General Enterprise Configuration Recommendations for Windows operating systems:

http://support.microsoft.com/kb/822158

Forefront:

http://support.microsoft.com/kb/943556

http://support.microsoft.com/kb/943620

http://technet.microsoft.com/en-us/library/cc707727.aspx

Windows / Active Directory:

http://support.microsoft.com/kb/822158

http://support.microsoft.com/kb/837932

http://support.microsoft.com/kb/943556

FRS:

http://support.microsoft.com/kb/815263

SQL:

http://support.microsoft.com/kb/309422

IIS:

http://support.microsoft.com/kb/821749

http://support.microsoft.com/kb/817442

DHCP:

http://support.microsoft.com/kb/927059

SCCM:

http://blogs.technet.com/b/configurationmgr/archive/2010/11/30/configmgr-2007-antivirus-scan-and-exclusion-recommendations.aspx

SCOM / MOM:

http://support.microsoft.com/kb/975931

http://social.technet.microsoft.com/wiki/contents/articles/recommendations-for-antivirus-exclusions-in-mom-2005-and-operations-manager-2007.aspx

SMS:

http://support.microsoft.com/kb/327453

Hyper-V:

http://support.microsoft.com/kb/961804

Med-V:

http://social.technet.microsoft.com/wiki/contents/articles/recommended-anti-virus-exclusions-for-med-v-client-and-workspace-installations.aspx

App-V:

http://support.microsoft.com/kb/2576031

Exchange Server:

http://support.microsoft.com/kb/328841

http://support.microsoft.com/kb/823166

http://support.microsoft.com/kb/245822

http://technet.microsoft.com/en-us/library/bb332342(EXCHG.80).aspx

http://technet.microsoft.com/en-us/library/bb332342.aspx

Lync:

http://technet.microsoft.com/en-us/library/gg195736.aspx

Failover Clustering:

http://support.microsoft.com/kb/250355

SharePoint:

http://support.microsoft.com/kb/952167

http://support.microsoft.com/kb/320111

http://support.microsoft.com/kb/322941

ISA:

http://support.microsoft.com/kb/887311

WSUS and Windows Update:

http://support.microsoft.com/kb/900638

SBS:

http://support.microsoft.com/kb/885685

DPM:

http://technet.microsoft.com/en-us/library/bb808691.aspx

http://technet.microsoft.com/en-us/library/ff399439.aspx

Dynamics CRM:

http://community.dynamics.com/product/crm/crmtechnical/b/crminthefield/archive/2011/01/24/anti-virus-exclusions-for-microsoft-dynamics-crm.aspx

Dynamics AX:

http://blogs.msdn.com/b/czdaxsup/archive/2010/05/13/ax-application-files-locked-by-another-process.aspx

Some sources for this list include:

Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows
http://support.microsoft.com/kb/822158

Anti-Virus Exclusions and You! – Dude where’s my PFE? – Site Home – TechNet Blogs
http://blogs.technet.com/b/jeff_stokes/archive/2010/05/19/anti-virus-exclusions-and-you.aspx

Windows Anti Virus Exclusion List – TechNet Articles – Home – TechNet Wiki
http://social.technet.microsoft.com/wiki/contents/articles/953.aspx

Conclusion

Anti virus software is a good idea to protect your machine but they can cause some conflicts. Setting up simple anti virus exclusions is a good way around this issue. This article serves as a nice list of anti virus exclusion guidelines for Microsoft products specifically.

Related Topics:

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: