About SEP automatic exclusion of files and folders for Microsoft Exchange server and Symantec products
Last Updated June 02, 2014
Symantec Mail Security for Microsoft Exchange (SMSMSE) 6.x is installed on the same Server as Symantec Endpoint Protection (SEP) Client and it is necessary to know if the automatic exclusions are in place.
SMSMSE6.x folders are not automatically excluded by the SEP automatic exclusion system
If installing SMSMSE 6.x, one directory needs to be excluded manually. Assuming a default installation path for Mail Security:
C:\Program Files\Symantec\SMSMSE\6.0\Server\ or on 64-bit systems C:\Program Files (x86)\Symantec\SMSMSE\6.0\Server\
The actual path to the above directory can vary, depending on custom installations, and will need to be set up accordingly.
References For reference here Page 410 - SEP Administrator Manual:
If Microsoft Exchange servers are installed on the computer where the Symantec Endpoint Protection client is installed, the client software automatically detects the presence of Exchange. When the client software detects a Microsoft Exchange server, it creates the appropriate file and folder exclusions for File System Auto-Protect and all other scans.
Microsoft Exchange servers can include clustered servers. The client software checks for changes in the location of the appropriate Exchange files and folders at regular intervals.
If installing Exchange on a computer where the client software is already installed, the exclusions are created when the client checks for changes.
The client excludes both files and folders; if a single file is moved from an excluded folder, the file remains excluded.
The client software creates file and folder scan exclusions for the following Microsoft Exchange server versions:
For Exchange 2007, see the user documentation for information about compatibility with antivirus software. It may be necessary to create scan exclusions for some Exchange 2007 folders manually. For example, if servers are clustered or non-default locations for folders are in use, exclusions must be created.
Note: To see the exclusions that the client creates, examine the contents of the HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint Protection\AV\Exclusions registry key. Do not edit this registry key directly. It is possible to configure any additional exclusions by using centralized exceptions. The client does not exclude the system temporary folders from scans because doing so can create a significant security vulnerability on a computer.
Imported Document ID: TECH89592
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe