vendredi 3 décembre 2010

[UAG] Exclusions anti-virus


J'ai souvent vue ou eu des demandes sur la faisabilité ou non d'installer un client anti-virus sur un serveur Forefront UAG. Bien entendu cela reste possible et ces exclusions concerne l'analyse ne temps réel.

J’insiste beaucoup sur le fait que ces exclusions doivent être mises en place avant le démarrage du moteur antiviral, ce type de serveur étant assez sensible cela peut vite entrainer des comportements aléatoires voir un effondrement des performances dans le cas contraire.

Dossiers à exclure :
  • %windir%\SoftwareDistribution\Datastore
  • %windir%\SoftwareDistribution\Datastore\Logs
  • %ProgramFiles%\Microsoft Forefront Threat Management Gateway
  • %ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS
  • %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW
  • %ProgramFiles%\Microsoft Forefront Unified Access Gateway
Fichiers à exclure :
  • %allusersprofile%\NTUser.pol
  • %Systemroot%\System32\GroupPolicy\Registry.pol
  • %windir%\Security\Database\*.edb
  • %windir%\Security\Database\*.sdb
  • %windir%\Security\Database\*.log
  • %windir%\Security\Database\*.chk
  • %windir%\Security\Database\*.jrs
  • Res*.log
  • Res*.jrs
  • Edb.chk
  • Tmp.edb
Processus à exclure :
NomEmplacement
TMG Report Summary Generator%ProgramFiles%\Microsoft Forefront Threat Management Gateway\dailysum.exe
TMG Report Generator%ProgramFiles%\Microsoft Forefront Threat Management Gateway\isarepgen.exe
TMG Diagnostic Logging Viewer%ProgramFiles%\Microsoft Forefront Threat Management Gateway\isadlviewer.exe
TMG Managed Control Service%ProgramFiles%\Microsoft Forefront Threat Management Gateway\IsaManagedCtrl.exe
TMG Storage Service%ProgramFiles%\Microsoft Forefront Threat Management Gateway\isastg.exe
TMG Administration Component%ProgramFiles%\Microsoft Forefront Threat Management Gateway\mspadmin.exe
TMG Firewall Service%ProgramFiles%\Microsoft Forefront Threat Management Gateway\wspsrv.exe
TMG Web Content Download Service%ProgramFiles%\Microsoft Forefront Threat Management Gateway\w3prefch.exe
SQL 2008 Express and SQL 2008 Reporting Services%ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\sqlservr.exe
SQL 2008 Express and SQL 2008 Reporting Services%ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\ReportingServicesService.exe
SQL 2008 Express and SQL 2008 Reporting Services%ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW\MSSQL\Binn\sqlservr.exe
Active Directory Lightweight Directory Services%WinDir%\System32\dsamain.exe
Forefront UAG DNS-ALG Service%ProgramFiles%\Microsoft Forefront Unified Access Gateway\DnsAlgSrv.exe
Forefront UAG Monitoring Manager%ProgramFiles%\Microsoft Forefront Unified Access Gateway\MonitorMgrCom.exe
Forefront UAG Session Manager%ProgramFiles%\Microsoft Forefront Unified Access Gateway\SessionMgrCom.exe
Forefront UAG File Sharing%ProgramFiles%\Microsoft Forefront Unified Access Gateway\ShareAccess.exe
Forefront UAG Quarantine Enforcement Server%ProgramFiles%\Microsoft Forefront Unified Access Gateway\uagqessvc.exe
Forefront UAG Terminal Services RDP Data%ProgramFiles%\Microsoft Forefront Unified Access Gateway\uagrdpsvc.exe
Forefront UAG User Manager%ProgramFiles%\Microsoft Forefront Unified Access Gateway\UserMgrCom.exe
Forefront UAG Watch Dog Service%ProgramFiles%\Microsoft Forefront Unified Access Gateway\WatchDogSrv.exe
Forefront UAG Log Server%ProgramFiles%\Microsoft Forefront Unified Access Gateway\whlerrsrv.exe
Forefront UAG SSL Network Tunneling Server%ProgramFiles%\Microsoft Forefront Unified Access Gateway\whlios.exe

Aucun commentaire:

Publier un commentaire