To exclude SAN and NAS devices and servers that use mount points from scanning with VSE, create an on-access scanner process exclusion for the volume names of the SAN / NAS devices and servers.
IMPORTANT: These exclusions do not work with Endpoint Security. Endpoint Security does not support physical path exclusions yet.
To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.
Use the following syntax for exclusions:
\Device\HarddiskVolumeN\ (where N represents the volume number)
Examples:
\Device\Harddisk\*
\Device\HarddiskVolume*
\Device\HarddiskVolume1\
\Device\HarddiskVolume1\Exchsrvr*
How to configure exclusions in VSE:
When you configure exclusions, always apply the principle that the more precise the exclusion, the smaller the potential security risk. For instructions to configure exclusions, see the following documentation:
- KB66909 - Consolidated list of Endpoint Security/VirusScan Enterprise exclusion articles
- KB55898 - Understanding VirusScan Enterprise Exclusions
- KB67544 - How to create low-risk and high-risk process exclusions for VirusScan Enterprise 8.x in ePolicy Orchestrator
- KB50998 - How to manage file and folder exclusions in VirusScan Enterprise 8.x using wildcards
- KB61000 - VirusScan Enterprise exclusions and hardware paths (physical address versus logical address)