Loading...

Knowledge Center


How to configure Endpoint Security/VirusScan Enterprise to minimize issues with Vulnerability Manager
Technical Articles ID:   KB54038
Last Modified:  12/21/2018
Rated:


Environment

McAfee Endpoint Security (ENS) Threat Prevention 10.x
McAfee VirusScan Enterprise (VSE) 8.x
McAfee Vulnerability Manager (MVM) 7.x

Summary

This article describes configuration changes you can make to improve ENS/VSE performance with MVM. It is recommended that you add all the executables and processes for MVM to the exclusion list in ENS/VSE to avoid conflicts.

IMPORTANT: It is recommended that you either disable or completely uninstall any anti-virus software before you run the MVM installer. After you install MVM, you must then configure your anti-virus software to avoid conflicts. This article lists the appropriate processes to exclude for your anti-virus software. Technical Support cannot advise on how to implement these changes in non-McAfee products.

Solution

Add all the executables and processes for MVM to the ENS/VSE exclusion list to avoid conflicts.

MVM processes to exclude from the On-Access Scanner:
  1. Create an On-Access Scanner low-risk process exclusion for the following MVM processes. Disable scanning when writing to or reading from disk.
    • FCAgent.exe
    • FCAgentSettings.exe
    • FCMConsole.exe
    • FCServer.exe
    • FSAPI.exe
    • FSAssessment.exe
    • FSDataSync.exe
    • FSDiscovery.exe
    • FSLogDispatcher.exe
    • FSLogToDiskSvc.exe
    • FSNotification.exe
    • FSPatch.exe
    • FCPatchInstallAgent.exe
    • FCPatchInstallApiServer.exe
    • FCPatchInstallController.exe
    • FCPatchInstallDataSync.exe
    • FCPatchInstallEngine.exe
    • FCPatchInstallNotification.exe
    • FCPatchInstallPortal.exe
    • FCPatchInstallReportServer.exe
    • FCPatchInstallServer.exe
    • FCPatchInstallUpdate.exe
    • FSScanCtrlSvc.exe
    • FSScanEngineSvc.exe
    • FSUpdate.exe
    • FSUpdateService.exe
    • LCDServices.exe
    • RegFS.exe
    • ReportServer.exe
    • TransformerX.exe
       
  2. Restart the MVM server.
MVM processes to exclude from Access Protection:
Expected behavior for MVM includes requesting permission to terminate certain protected processes. To allow these actions, create an Access Protection process exclusion for the MVM process FCAgent.exe.

MVM Database server SQL exclusions:
On the server that runs the MVM Database component, create the recommended exclusions for ENS/VSE on Microsoft SQL Servers. For details see KB67211.

How to configure exclusions in ENS/VSE:
When configuring exclusions, always apply the principle that the more precise the exclusion, the smaller the potential security risk. For instructions to configure exclusions, refer to the following documentation:
  • ENS: "Configuring exclusions" section of the Endpoint Security 10.5 Product Guide (PD26799)
  • VSE:
    • KB66909 - Consolidated list of Endpoint Security/VirusScan Enterprise exclusion articles
    • KB55898 - Understanding VirusScan Enterprise Exclusions
    • KB67544 - How to create low-risk and high-risk process exclusions for VirusScan Enterprise 8.x in ePolicy Orchestrator
    • KB50998 - How to manage file and folder exclusions in VirusScan Enterprise 8.x using wildcards
    • KB61000 - VirusScan Enterprise exclusions and hardware paths (physical address versus logical address)

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.