Wednesday, August 05, 2009 7:04 PM
In reference to the follwoing technet article (http://support.microsoft.com/kb/943620) MS states the the OCS and Forefront installation folders must be excluded before performing a file-level AV scan on the server using a 3rd party product. I would like a little bit more information on this topic.
Does this exclusion recommendation apply to on-access scanning? If so, doesn't this open up the server to the possibilty of contracting a virus should said virus decide to "hide" in one of these two directories?
If a virus does hide in this directory and is "invisible" to the 3rd party AV product, will Forefront for OCS detect and clean the directory?
Friday, August 07, 2009 5:31 PMWow, two days and no answer?
Tuesday, August 11, 2009 1:20 PMHello Matt,
Sorry for the delay in responding to your question. We're investigating to see what the best options are and we typically test our recommendations before posting a reply. We'll try and get back to you on this in the next day or so.
Thursday, September 24, 2009 2:33 PMHas there been any more information on this? I have on OCS R2 implementation and each role in OCS is on a different server. I would like to know what folders, files, and processes I should exclude from my AV software.
Wednesday, December 02, 2009 5:04 PMIn order for FSOCS to work as designed, the file-level A/V exclusion summarized in the referenced KB (http://support.microsoft.com/kb/943620) must be configured. The purpose of excluding Forefront’s folders from third party AV scanning is to prevent the undesired interference with Forefront’s normal operations. This interference can occur when third party products scan and possibly delete or modify transient data before Forefront has completed its use of that data.