Sign in
 
HomeProductsLibraryLearnDownloadsSupportForums
Microsoft Forefront TechCenter >
File Level AV and Forefront for OCS exclusions

답변됨 File Level AV and Forefront for OCS exclusions

  • Wednesday, August 05, 2009 7:04 PM
     
     
    Sign In to Vote
    0

    In reference to the follwoing technet article (http://support.microsoft.com/kb/943620) MS states the the OCS and Forefront installation folders must be excluded before performing a file-level AV scan on the server using a 3rd party product.  I would like a little bit more information on this topic.

    Does this exclusion recommendation apply to on-access scanning? If so, doesn't this open up the server to the possibilty of contracting a virus should said virus decide to "hide" in one of these two directories?

    If a virus does hide in this directory and is "invisible" to the 3rd party AV product, will Forefront for OCS detect and clean the directory?

    Thank you...

     

All Replies

  • Friday, August 07, 2009 5:31 PM
     
     
    Sign In to Vote
    0
    Wow, two days and no answer?
     
  • Tuesday, August 11, 2009 1:20 PM
     
     
    Sign In to Vote
    0
    Hello Matt,

    Sorry for the delay in responding to your question. We're investigating to see what the best options are and we typically test our recommendations before posting a reply. We'll try and get back to you on this in the next day or so.

    Thanks,

    Molly
     
  • Thursday, September 24, 2009 2:33 PM
     
     
    Sign In to Vote
    0
    Has there been any more information on this? I have on OCS R2 implementation and each role in OCS is on a different server. I would like to know what folders, files, and processes I should exclude from my AV software.
     
  • Wednesday, December 02, 2009 5:04 PM
     
     Answered
    Sign In to Vote
    0
    In order for FSOCS to work as designed, the file-level A/V exclusion summarized in the referenced KB (http://support.microsoft.com/kb/943620) must be configured.  The purpose of excluding Forefront’s folders from third party AV scanning is to prevent the undesired interference with Forefront’s normal operations.  This interference can occur when third party products scan and possibly delete or modify transient data before Forefront has completed its use of that data.

    HTH,
    ShreyS [MSFT]