In this user guide, we describe some of the possible causes that might trigger a windows 2008 domain controller for antivirus exceptions, and then we suggest possible fixes that you can try to resolve the issue.
I first encountered the need for exceptions in the Active Directory Operations for Server 2003 Product Guide. Page 73 “Process:Managing antivirus software on domain controllers“
I don’t believe this content has been updated for later server releases, but the guide is still available for download today: http://www.microsoft.com/en-gb/download/details.aspx?id= 8573
… how to forgive yourself that the advice is still relevant.
If, on the other hand, Sophos support advertises that their product is ready to go, then instead of believing it, I’m guessing that over time they’ve hard-coded the required behavior, which is enabled by default.
How do I check defender exclusions?
Open Windows Defender Security Center. Click Virus & Threat Protection. Click on the main elements of the “Virus and Threat Protection” option. In the Exceptions section, click Add Exceptions or Doesn’t Exist.
If you’re unsure, add these exclusions to the Sophos Antivirus and HIPS policy that applies to your domain controllers. It won’t hurt.
Do we need antivirus for Windows Server?
AD/DC: Antivirus is not required if the drivers do not interact with the server (if there are multiple roles on the server). DHCP/DNS: Antivirus is not required if subscribers do not interact with servers (if it is known that the server has several roles).
For the sake of clarity, it might help to decide that kb822158 you’re quoting, as opposed to, as far as I can see, is talking about “register key exclusion rules”. It actually prescribes the rules for excluding the name pwow. Registry keys only mention name paths that should be excluded.
McAfee Endpoint Security (ENS) Threat Prevention 10.x
McAfee VirusScan Enterprise (VSE) 8.x
Microsoft Windows Server – all subsequent versions
List of exceptions required for new Windows Domain Controller with Active Directory, optional File Replication Service/Distributed File System Replication:
For Windows Domain Controller compatibility with Active Directory and/or File Replication Service (FRS)/The Distributed File System Replication (dfsr):
To set up exceptions when Or ens VSE:
When setting up omissions, always apply the principle that the more specific the omission, the lower the potential security risk. For instructions on setting up exclusions, see the observation documentation:
loadingÃ—Sorry to interrupt youUpdate
Before installing Kaspersky Security 10.1.1 for Windows Server, remove many third-party antivirus programs from applications in general on servers.
You can install Kaspersky Security 10.1.1 suitable for Windows Server without uninstalling Kaspersky Anti-Virus 8.0 for Windows Enterprise Server Edition or Kaspersky Security 10 for Windows Server.
Server Hardware Requirements
Does domain controller need antivirus?
Antivirus software must be installed on all domain controllers in the company. Ideally, try installing this software on all other sites and client sites.Systems that interact with domain controllers.
Microsoft Windows Installer 3.1 must be installed for a specific installation and proper operation of the connected Kaspersky Security Console.
How do I add anti Virus exclusions?
Select Start > Settings > Update & Security > Windows Security > Virus and Random Protection. Under Virus & threat protection settings, select Manage settings, and then under Exclusions, select Add or get exclusions. Select Add Exclusion, then optionally select Files, Folders, Tracking Types, or Processes.
You can download Kaspersky Security 10.1.1 for Windows Server to a server running one of the following 32-bit Microsoft Windows operating systems:
You can install Kaspersky Security 10.1.1 for Windows Server on a full server running one of the following deployed 64-bit Microsoft Windows systems: