About Antivirus exclusions (exceptions) for the Ivanti EPM Core Server

Version 12

    Verified Product Versions

    LANDESK Management Suite 2016.xLANDESK Endpoint Manager 2017.x

    This article discusses Antivirus exclusions (also known as exceptions) that are recommended for the Ivanti EPM Core Server.

     

    When installing Antivirus on the Ivanti EPM Core server, it is recommended to set the Real-time Protection File Types to Scan option to "Scan infectable files only".  This is set within the Ivanti Antivirus settings on the "Real-time Protection" tab.

     

    For general information about Antivirus Exclusions, see this article.

     

    For specific information on configuring Antivirus Exclusions for specific server types (IIS, SQL, Exchange, Etc) see this article.

     

     

    Some Antivirus products (Ivanti Antivirus included) have separate exclusions lists for real-time scanning and on-demand scanning.  Most exclusions will apply only to Real-time Scanning, as scanning some directories during computer operation can severely impact performance.

     

    Antivirus exclusions need to be set both in the "Protection" tab within the Ivanti Antivirus settings.  Within this section, there is a "Real-time" tab and a "Virus Scan" tab.

     

     

    Configuring Antivirus exclusions for an Ivanti Core Server

     

     

    As most Ivanti Core servers house IIS for the web console, general Antivirus exclusion instructions should be followed that pertain to IIS:

     

    Create the following exclusions:

     

      • The IIS compression directory (default compression directory is %systemroot%\IIS Temporary Compressed Files)
        (For XP and Server 2003 use "%systemroot%\IIS Temporary Compressed Files")
      • The  %systemroot%\system32\inetsrv folder
      • Files that have the .log extension

     

    If the SQL Database resides on the core server, the following instructions should be followed:

     

    http://support.microsoft.com/kb/309422

     

    Ivanti specific directories:

     

    \Program Files\LANDESK\Managementsuite\brokerreq

    \Program Files\LANDESK\Managementsuite\IncomingData

    \Program Files\LANDESK\Managementsuite\ldscan

    \Program Files\LANDESK\Managementsuite\log

    \Program Files\LANDESK\Managementsuite\sdstatus

    \Program Files\LANDESK\Managementsuite\xddfiles

    \Program Files\LANDESK\Managementsuite\vulscanresults

    \Program Files\LANDESK\Managementsuite\ldlogon\agentbehaviors

    \Program Files\LANDESK\Managementsuite\ldlogon\vulnerabilitydata

     

    Ivanti specific files:

    \Program Files\LANDESK\ManagementSuite\LANDESK.ManagementSuite.Licensing.ActivateCore.exe

    \Program Files\LANDESK\Managementsuite\ldlogon\ldiscn32.exe

     

    General Exclusion information for Microsoft Operating Systems

     

    http://support.microsoft.com/kb/822158