Wednesday, 12 October 2011

How to exclude processes from virus scanning in McAfee ePO 4.5

Open the ePO management console and go to Policy Catalog. In the drop down menu switch to:

Product: VirusScan Enterprise 8.x.x
Category: On-Access Low-Risk Processes Policies


Create a new policy and apply it to the target computers. Click on Edit Settings, choose Workstation or Server, and add processes to the list under the tab Low-Risk Processes:


Switch to the Scan Items tab and tick or untick specific actions. If you want to exclude the listed processes from any kind of scanning (read/write/open for backup etc), remove the tick mark from all the tick boxes in the Scan files section. Save the changes.


Switch the Category drop-down menu to On-Access Default Processes Policies. Edit the policies that should include the process exclusion settings. Under the default tab Processes, select Workstation or Server and select the radio button for “Configure different scanning policies for high risk, low risk, and default processes”. Save the change.



Check if the policy applied successfully. Go to a targeted client computer, run the McAfee Agent Monitor (C:\Program Files\McAfee\Common Framework>cmdagent.exe /s), initialise policy refresh (click on Collect and Send Props, Check New Policies, Enforce Policies), open On-Access Scan properties, click on Low-Risk Processes and verify the new configuration has been applied under the tabs Processes and Scan Items.


How to create low-risk and high-risk process exclusions for VirusScan Enterprise 8.x in ePO 4.5

No comments:

Post a Comment