locked
Possible to enable scanning on write/modify events only? RRS feed

  • Question

  • Is this possible with the newest FCS version? If not, does FEP support this? If so, how do you enable it in FEP?

    I have provisioned XenApp servers (all the servers are running from the same image over the network). I don't want the performance hit of scanning files on C: over the network, but I want the RTP for the security and to follow our company's policy.

    Thursday, November 29, 2012 9:10 PM

All replies

  • Hi

    Thank you for the post.

    You may skip certain files or folders when FEP scans the computer as per this: http://support.microsoft.com/kb/943556/en-us

    Regards,


    Nick Gu - MSFT

    Friday, November 30, 2012 2:14 AM
  • Thank you, but I am well aware of MS's recommendations on file exclusions. I'm also aware of Citrix's recommended exclusions for Provisioning Services and XenApp servers. Best practice according to Citrix however is to only scan on write events, not on access/reading according to the Citrix knowledge article CTX127030. That's what I want to achieve to avoid MsMpEng.exe taking to much CPU and affecting the user experience on our XenApp servers badly. We see it's one of the top CPU processes along with Internet Explorer and Outlook.

    Friday, November 30, 2012 8:08 AM