Central Technology Demanding Vendor Testing Data On Letterhead Before Implementing Macafee Exceptions - Is This Standard

Posted on 2012-09-21
Last Modified: 2013-11-22
Hello friends -

We've got a couple of servers that we 'own' (mostly) that are hosted by a central technology office.  Anyway, Macafee consistently sucks up 50%+ of the CPU on one of these machines, nearly every minute of the day.  We've been talking to our central technology gurus who set the rules about getting some directories excluded; they have responded that:

(we will) "... allow exclusions to be entered into the McAfee antivirus if the vendor will provide documentation that show proper testing has been performed stating reasoning behind the require exclusion of executable\driver\files\folders\etc .."

My initial reaction is, this is crazy.  We paid 10K plus for the software being throttled to death, near twice as much for the server to run it on (don't ask), and now I'm being told I need some letterhead based showing 'proper testing'; whatever that means.  I think it is fair to say that there have been disagreements between our area and central IT over a variety of issues.  So, maybe I'm not crazy; maybe this is something that happens all the time.  

So, that all being said, is this type of a request / mandate normal, unusual, or completely unheard of out there in expert land?  I don't know if there is a right answer or not; I'm just looking for opinions.  


Question by:passionlessDrone
    LVL 3

    Accepted Solution

    It sounds like a bit of a language breakdown, but I think what they are wanting is proof that the proposed directories are causing the slowdown and a basis for the request.  I have not seen that required on letterhead and am not sure who's letterhead they are wanting it on (yours or McAfee's) but my guess is they are just wanted some documented justification for the request...and that is NOT uncommon, because when a guy leaves a directory vulnerable and something slips in and destroys company files, he is the one responsible.

    Author Comment

    Sorry for leaving this open.  Accepted doublestick.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    PREFACE The purpose of this guide is to provide information to successfully add specific IIS 7.0 role services for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technol…
    Have you ever tried to find someone you know on Facebook and searched to find more than one result with the same picture? Perhaps someone you know has told you that they have a 'facebook stalker' or someone who is 'posing as them' online and ta…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now