SCOM Anti-Virus Exclusions

SCOM – AV Exclusions

When you are setting up SCOM (either 2007 or 2012) it is important to make sure that if you have any anti-virus programs running on your servers that you setup exclusions for SCOM. If you don’t you can dramatically impact performance of both the Operations Console and SCOM itself, as well as preventing SCOM from working properly.

Exclusions by Executable:

The first thing you want to exclude is the .exe file. Be careful when doing this as excluding executable can cause unwanted side-effects such as preventing other undesirable programs from being identified. The executable is the same for both 2007 and 2012:

monitoringhost.exe

Exclusions by Directory:

When setting up exclusions for directories be sure to include real-time scans, scheduled scans and local scans. I will be putting in the default directories in this segment. You may have to adjust the locations in the exemptions if you did not use the defaults. Also, if the directory has greater than 8 characters you will need to put both the long and short directory names into the exclusions list (required by some AV programs to traverse the subdirectories).

SQL Database Servers

These exclusions include the SQL Server database files that are used by Operations Manager components and the system database files for the master database and for the tempdb database. To exclude these files by directory, exclude the directory for the .ldf and .mdf files such as:

C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data

D:\MSSQL\DATA

E:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Log

You will also want to exclude file types by extension. These exclusions include the SQL Server database files that are used by Operations Manager components and the system database files for the master database and for the tempdb database. The following file name extension-specific exclusions for Operations Manager includes real-time scans, scheduled scans, and local scans.

MDF

LDF

Operations Manager (Management Servers, Gateways and Agents)

These exclusions include the queue and log files that are used by Operations Manager.

     For 2007

C:\Program Files\System Center Operations Manager 2007\Health Service State\Health Service Store

     For 2012

C:\Program Files\System Center Operations Manager 2012\Health Service State\Health Service Store

C:\Program Files\System Center 2012\Operations Manager\<Component>\Health Service State\Health Service Store (<Component> will vary depending on if the server is an Agent or Server for Operations Manager)

The following file name extension-specific exclusions for Operations Manager includes real-time scans, scheduled scans, and local scans. Operations Manager (Management Servers, Gateways and Agents). These exclusions include the queue and log files that are used by Operations Manager.

EDB

CHK

LOG

Note Page files should also be excluded from any real-time scans.

 

 

 

Advertisements
This entry was posted in Misc Stuff and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s