J'ai souvent vue ou eu des demandes sur la faisabilité ou non d'installer un client anti-virus sur un serveur Forefront UAG. Bien entendu cela reste possible et ces exclusions concerne l'analyse ne temps réel.
J’insiste beaucoup sur le fait que ces exclusions doivent être mises en place avant le démarrage du moteur antiviral, ce type de serveur étant assez sensible cela peut vite entrainer des comportements aléatoires voir un effondrement des performances dans le cas contraire.
Dossiers à exclure :
- %windir%\SoftwareDistribution\Datastore
- %windir%\SoftwareDistribution\Datastore\Logs
- %ProgramFiles%\Microsoft Forefront Threat Management Gateway
- %ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS
- %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW
- %ProgramFiles%\Microsoft Forefront Unified Access Gateway
Fichiers à exclure :
- %allusersprofile%\NTUser.pol
- %Systemroot%\System32\GroupPolicy\Registry.pol
- %windir%\Security\Database\*.edb
- %windir%\Security\Database\*.sdb
- %windir%\Security\Database\*.log
- %windir%\Security\Database\*.chk
- %windir%\Security\Database\*.jrs
- Res*.log
- Res*.jrs
- Edb.chk
- Tmp.edb
Processus à exclure :
| Nom | Emplacement |
| TMG Report Summary Generator | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\dailysum.exe |
| TMG Report Generator | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\isarepgen.exe |
| TMG Diagnostic Logging Viewer | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\isadlviewer.exe |
| TMG Managed Control Service | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\IsaManagedCtrl.exe |
| TMG Storage Service | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\isastg.exe |
| TMG Administration Component | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\mspadmin.exe |
| TMG Firewall Service | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\wspsrv.exe |
| TMG Web Content Download Service | %ProgramFiles%\Microsoft Forefront Threat Management Gateway\w3prefch.exe |
| SQL 2008 Express and SQL 2008 Reporting Services | %ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\sqlservr.exe |
| SQL 2008 Express and SQL 2008 Reporting Services | %ProgramFiles%\Microsoft SQL Server\MSSQL10.ISARS\MSSQL\Binn\ReportingServicesService.exe |
| SQL 2008 Express and SQL 2008 Reporting Services | %ProgramFiles%\Microsoft SQL Server\MSSQL10.MSFW\MSSQL\Binn\sqlservr.exe |
| Active Directory Lightweight Directory Services | %WinDir%\System32\dsamain.exe |
| Forefront UAG DNS-ALG Service | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\DnsAlgSrv.exe |
| Forefront UAG Monitoring Manager | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\MonitorMgrCom.exe |
| Forefront UAG Session Manager | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\SessionMgrCom.exe |
| Forefront UAG File Sharing | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\ShareAccess.exe |
| Forefront UAG Quarantine Enforcement Server | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\uagqessvc.exe |
| Forefront UAG Terminal Services RDP Data | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\uagrdpsvc.exe |
| Forefront UAG User Manager | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\UserMgrCom.exe |
| Forefront UAG Watch Dog Service | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\WatchDogSrv.exe |
| Forefront UAG Log Server | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\whlerrsrv.exe |
| Forefront UAG SSL Network Tunneling Server | %ProgramFiles%\Microsoft Forefront Unified Access Gateway\whlios.exe |
Aucun commentaire:
Enregistrer un commentaire