What Are Windows 2008 Domain Controller Antivirus Exceptions And How Do I Fix Them?

What Are Windows 2008 Domain Controller Antivirus Exceptions And How Do I Fix Them?

In this user guide, we describe some of the possible causes that might trigger a windows 2008 domain controller for antivirus exceptions, and then we suggest possible fixes that you can try to resolve the issue.

I first encountered the need for exceptions in the Active Directory Operations for Server 2003 Product Guide. Page 73 “Process:Managing antivirus software on domain controllers

I don’t believe this content has been updated for later server releases, but the guide is still available for download today: http://www.microsoft.com/en-gb/download/details.aspx?id= 8573

… how to forgive yourself that the advice is still relevant.

If, on the other hand, Sophos support advertises that their product is ready to go, then instead of believing it, I’m guessing that over time they’ve hard-coded the required behavior, which is enabled by default.

How do I check defender exclusions?

Open Windows Defender Security Center. Click Virus & Threat Protection. Click on the main elements of the “Virus and Threat Protection” option. In the Exceptions section, click Add Exceptions or Doesn’t Exist.

If you’re unsure, add these exclusions to the Sophos Antivirus and HIPS policy that applies to your domain controllers. It won’t hurt.

Do we need antivirus for Windows Server?

AD/DC: Antivirus is not required if the drivers do not interact with the server (if there are multiple roles on the server). DHCP/DNS: Antivirus is not required if subscribers do not interact with servers (if it is known that the server has several roles).

For the sake of clarity, it might help to decide that kb822158 you’re quoting, as opposed to, as far as I can see, is talking about “register key exclusion rules”. It actually prescribes the rules for excluding the name pwow. Registry keys only mention name paths that should be excluded.

Was this post helpful to you? thumb_up thumb_down

Environment

McAfee Endpoint Security (ENS) Threat Prevention 10.x
McAfee VirusScan Enterprise (VSE) 8.x

Microsoft Windows Server – all subsequent versions

Summary

List of exceptions required for new Windows Domain Controller with Active Directory, optional File Replication Service/Distributed File System Replication:

For Windows Domain Controller compatibility with Active Directory and/or File Replication Service (FRS)/The Distributed File System Replication (dfsr):

  • Exclude cities recommended by Microsoft for devices for file-level scanning in the pr scannerand accessed by ENS or VSE.
  • For the most specific file exclusions, see the following Microsoft TechNet article: https://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list . aspx. Skip to the Windows/Directory section of the latest TechNet article. Click the link to that particular article for the Windows version. This is the server you use in your environment.
  • To set up exceptions when Or ens VSE:

    When setting up omissions, always apply the principle that the more specific the omission, the lower the potential security risk. For instructions on setting up exclusions, see the observation documentation:

  • For more information about ENS, see Threat Prevention with Blocked Trusted Programs, Marketing Networks, and CPA Services in the Endpoint Security 10.7 Product Guide.
  • Note the following for VSE:
  • KB66909 – Endpoint Security/VirusScan Enterprise exception article
  • KB55898 – VirusScan Enterprise Exceptions Explained
  • KB67544 – How to create low and high risk process exclusions for VirusScan Enterprise 8.x in ePolicy Orchestrator
  • KB50998 – How to handle files and file exceptions using wildcards
  • KB61000 – Parse element path reported own physical address instead of rational address.
  • loading×Sorry to interrupt youUpdate

    Before installing Kaspersky Security 10.1.1 for Windows Server, remove many third-party antivirus programs from applications in general on servers.

    You can install Kaspersky Security 10.1.1 suitable for Windows Server without uninstalling Kaspersky Anti-Virus 8.0 for Windows Enterprise Server Edition or Kaspersky Security 10 for Windows Server.

    Server Hardware Requirements

    Does domain controller need antivirus?

    Antivirus software must be installed on all domain controllers in the company. Ideally, try installing this software on all other sites and client sites.Systems that interact with domain controllers.

    General requirements:

  • x86-64 compatible single-connection multiprocessor hard drive systems
  • Tough place:
  • Acceptable $70 for installation of all components of the software product.
  • 2 GB is recommended for database loading as well as storage.
  • 400 MB recommended for quarantine with storage backup. Go
  • 1 Recommended for storing firewood files.
  • Minimum requirements:

  • 1-core processor 1.4 GHz
  • 1 memory
  • 4 years free space on the disk subsystem
  • Recommended configuration:

  • Quad-core 2.4GHz processor
  • 2 GB RAM
  • 4 GB of free space on the disk subsystem
  • Software Requirements

    antivirus exclusions windows 2008 domain controllers

    Microsoft Windows Installer 3.1 must be installed for a specific installation and proper operation of the connected Kaspersky Security Console.

    How do I add anti Virus exclusions?

    Select Start > Settings > Update & Security > Windows Security > Virus and Random Protection. Under Virus & threat protection settings, select Manage settings, and then under Exclusions, select Add or get exclusions. Select Add Exclusion, then optionally select Files, Folders, Tracking Types, or Processes.

    You can download Kaspersky Security 10.1.1 for Windows Server to a server running one of the following 32-bit Microsoft Windows operating systems:

  • Windows Server 2003 Standard Enterprise // Datacenter SP2 or later
  • Windows Server 2003 R2 Standard Enterprise or /Datacenter SP2 or later
  • Windows Server 2008 Standard Enterprise // Datacenter SP1 and higher
  • Windows Server 2008 Core Standard Enterprise // Datacenter SP1 and later
  • antivirus exclusions windows 2008 domain controllers

    You can install Kaspersky Security 10.1.1 for Windows Server on a full server running one of the following deployed 64-bit Microsoft Windows systems:

  • Windows Server 2003 Standard/Enterprise Datacenter SP2 and later
  • Windows Server ’03 R2 Standard/Enterprise/Datacenter SP2 and later
  • Windows Server 2008 Standard/Enterprise/Datacenter SP1 and don’t forget later
  • Windows Server 2008 Core Standard Enterprise / Datacenter SP1 and later
  • Microsoft Small Business Server 2008 Standard-Premium
  • Windows Server 2008 R2 Foundation from Standard/Enterprise/Datacenter SP1 and later
  • Previous post Rozwiązywanie Problemów Z Kreatywnymi Pomysłami, Gdy Podsystem Simulink Jest Teraz Włączony
    Next post Wat Zijn Windows 2008 Domain Controller Antivirus-uitzonderingen En Hoe Los Ik Ze Op?