What are the the recommended exclusions for Symantec Endpoint Protection (SEP) client on an Exchange 2007 Server?
Exchange 2007 can be installed with several different roles. As each role should have different exclusions, exclusions should be based on the roles you have installed.
Symantec Endpoint Protection's Exchange 2007 automatic exclusions detect the mailbox role and set the required base exclusions.
In a clustered environment, you must make additional exclusions manually.
Symantec recommends that you exclude the quorum disk, the %Winnt%\Cluster folder, and the file share witness which is located on another server in the environment, typically on the Hub Transport server.
For more information on how to make these exclusions manually, please see How to add a Security Risk Exception in the Endpoint Protection Manager.
For a list of recommended exclusions for Exchange 2007, read the Microsoft TechNet article File-Level Antivirus Scanning on Exchange 2007.
The Symantec Endpoint Protection client software creates file and folder scan exclusions for the following Microsoft Exchange server versions:
- Exchange 5.5
- Exchange 2000
- Exchange 2003
- Exchange 2007
- Exchange 2010
Symantec recommends that the Exchange server's OS always be protected by the latest available release of SEP. The Exchange server's message flow and Information Store must be protected by a dedicated mail security product, such as Symantec Mail Security for Microsoft Exchange.