There is a template white paper kicking around that details all sorts of anti-virus exclusions for Microsoft products. It had up to SMS 2003, but I'm guessing you can roughly use the same folders for ConfigMgr. It used to be hosted on myITforum.com, but it looks as if the link is now gone. I can send you a copy off line if you like.
check that blog out as well...
Deep in the bowels of the SCCM 2007 online documentation is the recommendations for improving SCCM performance. No specific section in the document addresses antivirus exclusions exclusively. Nor do they provide the exact paths to exclude. They leave you to figure this out on your own, and that can be fun if your using x64 platforms with x86 information, or your admin setup customized paths.
1st article applies to SMS 2003 and below, so I am not 100% if that applies but it may be relevant
2nd piece of information comes directly from the SCCM documentation and it's located here. Dig down until you get into the performance section and they will generically say exclude the inbox directories. SCCM accesses this location frequently, and it can cause serious performance issues with Disk and CPU utilization.
Here's some general steps to test if the exclusion works properly:
1. Duplicate the EICAR antivirus test string and put it in a text file (disable AV while doing this). Test string can be found here: http://www.eicar.org/anti_virus_test_file.htm
2. Place the test string file in the folder you desire to be excluded (assuming your excluding a directory).
3. Enable your antivirus and run a full SYSTEM SCAN, not a On-Demand directory scan of the excluded location. On-Demand type scans will likely ignore the exclusion you setup.
If nothing is detected, you exclusion should be setup properly. You can verify by doing a scan on the actual excluded director, or you can remove the exclusion and rescan (time consuming but worth it).
I have seen other recommendations and have written some in the McAfee antivirus forums. Good place to look for consolidated exclusion recommenations btw...
p.s. Don't forget to setup your SQL and SCCM client exclusions
- Proposed as answer by Robert_IT Wednesday, January 06, 2010 6:24 PM
so with Article 1 from Robert's post, show reflection to 2 and 2k3, i guess excluding the entire CM folder? and how about the Patch folders? we are in the midst of deploying the upgrade of our AV solution and i have asked them to exclude our SCCM for now until i can find an answer on exclusions.