kam_uk
asked on
Setting McAfee exclusions via ePO Server
Hi
We are running McAfee ePO server 4.0 and VirusScan client 8.5
I have some servers that need to be brought online shortly. The applications that are held on them need some specific exclusions set as regards AV scanning, otherwise they will become corrupt.
I was thinking of creating a container in the McAfee EPO server, creating a policy that excludes the appropriate files/folders, and then applying this policy to the container.
Is this the correct way of doing things? Or is it better to create the exclusions locally on the McAfee client on the servers themselves?
What I'm worried is that once McAfee is installed on these servers, it will instantly start scanning before the client has the chance to download and apply the correct policy from the ePO server.
Can anyone confirm what the process is?
This is an urgent question, so max points!
Cheers!
We are running McAfee ePO server 4.0 and VirusScan client 8.5
I have some servers that need to be brought online shortly. The applications that are held on them need some specific exclusions set as regards AV scanning, otherwise they will become corrupt.
I was thinking of creating a container in the McAfee EPO server, creating a policy that excludes the appropriate files/folders, and then applying this policy to the container.
Is this the correct way of doing things? Or is it better to create the exclusions locally on the McAfee client on the servers themselves?
What I'm worried is that once McAfee is installed on these servers, it will instantly start scanning before the client has the chance to download and apply the correct policy from the ePO server.
Can anyone confirm what the process is?
This is an urgent question, so max points!
Cheers!
what would recomend first, the process on the on access scanner is the McShield.exe, the recommended thing would be to do the exclusion from epo, and make them general to the organization it doesnt matter, to ensure that the On Access Scanner is not enabled on the deployment there a section below each product that says command line options, in that box there you can type this
ENABLEONACCESSSCANNER= FALSE
and the on access scanner will be disabled on the installation and will be enabled upon the next agent policy enforcement interval.
the exclusions will be applied till the agent makes the enxt agent to server communication.
i work for mcafee, if i can help on any other way, dont hesitate im open to questions!!!
ENABLEONACCESSSCANNER= FALSE
and the on access scanner will be disabled on the installation and will be enabled upon the next agent policy enforcement interval.
the exclusions will be applied till the agent makes the enxt agent to server communication.
i work for mcafee, if i can help on any other way, dont hesitate im open to questions!!!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hiya
Nice to meet you outerheaven, hope to have you on here more !
Cheers
Si
Nice to meet you outerheaven, hope to have you on here more !
Cheers
Si
thanks dude!!! im a newbie here thanks for the welcome
Outer, we can soooo use your knowledge here, please dont' go anywhere !!!
It's always good to have a manufacturer contact here so I've very pleased to meet you !
Cheers
Si
It's always good to have a manufacturer contact here so I've very pleased to meet you !
Cheers
Si
McAfee scanning shouldn't corrupt any files, what programs are you talking about
I would personally set exclusions for scanning the specific directory structures through an exclusion policy
Once you have installed the ePO agent, it will download the latest policies before installing the scanning software
Is that clear ? I know it's Friday night and it might not make much sense
Cheers
Si