Anti-Virus Exclusions

When introducing new servers and workstations into an environment, always remember to review the anti-virus exclusions for that server or workstation. You don't want your AV software scanning VHDs, Cluster Shared Volumes, SQL databases, Exchange databases, and files like those. It's really easy to roll out a new server and not take the time to exclude certain files, folders, and processes.

I recommend having anti-virus on ALL workstations and servers, following best practices with regard to exclusions. Microsoft even recommends certain exclusions for all Windows-based systems. I also strongly recommend having different AV groups, each with different exclusions based on the role of the server. I've seen too many times where there is a single AV policy with exclusions for Hyper-V, clustering, SQL, Exchange, AD, and things like that in a single policy. You can also do too much excluding. An example of this is excluding the Windows folder and its subfolders.
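As an added example (not from the original post), this Python check lints an exported exclusion list against the two points above: an exclusion that covers the whole Windows folder or a drive root, and a policy that carries exclusions belonging to a different server role. The role names, marker lists and sample policy are assumptions constructed for illustration, not a vendor's recommended list.

```python
from pathlib import PureWindowsPath

# Illustrative subset of role-specific exclusions (assumption, not a vendor list).
ROLE_MARKERS = {
    "hyper-v": {".vhd", ".vhdx", ".avhd", ".avhdx", "vmms.exe", "vmwp.exe"},
    "sql": {".mdf", ".ldf", ".ndf", "sqlservr.exe"},
    "exchange": {".edb"},
}
WINDOWS_DIR_ALIASES = {"%windir%", "%systemroot%", r"c:\windows"}


def is_too_broad(entry: str) -> bool:
    """True for the Windows folder itself, a drive root, or a bare wildcard."""
    # Drop trailing wildcards and separators: C:\Windows\*.* -> c:\windows
    cleaned = entry.strip().lower().rstrip("*.\\")
    if not cleaned or cleaned in WINDOWS_DIR_ALIASES:
        return True
    path = PureWindowsPath(cleaned + "\\")
    # A path with a drive and nothing after the root is a whole volume.
    return bool(path.drive) and len(path.parts) == 1


def audit_policy(role: str, exclusions: list[str]) -> list[str]:
    """Return findings for one role's policy; an empty list means it looks clean."""
    findings = []
    for entry in exclusions:
        if is_too_broad(entry):
            findings.append(f"too broad: {entry}")
        # Compare on the last path component so *.mdf and full process paths match.
        key = PureWindowsPath(entry).name.lower().lstrip("*")
        for other_role, markers in ROLE_MARKERS.items():
            if other_role != role and key in markers:
                findings.append(f"belongs to {other_role} policy: {entry}")
    return findings


# Constructed sample: one catch-all policy applied to a Hyper-V host.
CATCH_ALL = [r"C:\Windows\*", "*.vhdx", "*.mdf", "sqlservr.exe", "*.edb",
             r"%windir%\SoftwareDistribution\Datastore"]

if __name__ == "__main__":
    for finding in audit_policy("hyper-v", CATCH_ALL):
        print(finding)
```

A narrow exclusion inside the Windows directory, such as the last sample entry, is not flagged; only the folder itself, a drive root or a bare wildcard counts as too broad here.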

Below is a great page that has tons of links to official and unofficial Microsoft recommendations for anti-virus exclusions.
