How to create Low-Risk and High-Risk process exclusions

Technical Articles ID: KB58692
Last Modified: 3/17/2020

Environment

McAfee VirusScan Enterprise (VSE) 8.8

Summary

The VirusScan Enterprise (VSE) on-access scanner scans each file when it is accessed. Because some applications constantly access a high number of files, you might need to set exclusions to improve the performance of these applications. These exclusions do not have to lower the security of your system; VSE allows you to set specific exclusions. Because many applications such as database programs write to files in multiple locations, it is best to exclude files and folders based on a specific process instead of excluding them for all processes.

Problem

System performance degrades when certain files are scanned.

Solution

Exclusions can be set locally, if the software is installed as standalone. Or, you can set it through the appropriate management program (ePO).

For standalone installations:

Open the VirusScan Console.
Right-click On-Access Scanner and select Properties.
Select All Processes.
Select Low-Risk Processes.
On the Processes tab, click Add and use the list or browse to the application you want to include as a Low-Risk Process.
In the Detection tab, deselect any or all options in the Scan Files section.

NOTE: It is generally sufficient to disable When reading from disk. But, database servers also perform many write operations. In some environments, you might also need to disable the option When writing to disk.
Select High-Risk Processes.
On the Processes tab, click Add and use the list or browse to the application you want to include as a High-Risk Process.

NOTE: Make sure that you add any exclusions previously created in the Default processes to the High-Risk Processes.

If you have high-risk and low-risk enabled, any exclusions previously stored in Default processes will not be applied to the high-risk processes policy.

For ePO managed installations:

Log on to the ePO console.
Click Menu, Policy, Policy Catalog.
Select VirusScan Enterprise from the Product drop-down list.
Select On-Access Default Processes Policies from the Category drop-down list.
Select a policy, then select Configure different scanning policies for high-risk, low-risk, and default processes and click Save.
Select On-Access High-Risk Processes Policies or On-Access Low-Risk Processes Policies from the Category drop-down list.
Select a policy, then click the High Risk Processes (or Low Risk Processes) tab. Add or delete processes as needed, by clicking Add, Edit, or Remove.
Click the Scan Items tab, then deselect any or all options in the scan files section.

NOTE: It is sufficient to disable When reading from disk. But, database servers also perform many write operations. In some environments, you might need to disable the When writing to disk option as well.

Click the Exclusions tab and make sure that you add any exclusions previously created under Default processes to the High-Risk Processes (or Low Risk Processes).

NOTE: If you have high and low-risk enabled, any exclusions previously stored in Default processes will not be applied to the High-Risk or Low Risk Processes policy.

Save your changes.

Related Information

For information about:

Understanding High-Risk, Low-Risk, and Default processes configuration and usage, see KB55139.
Understanding VirusScan Enterprise exclusions, see KB55898.

Affected Products

Configuration
VirusScan Enterprise 8.8 (EOL)

Languages:

This article is available in the following languages:

English United States
Japanese

Knowledge Center

How to create Low-Risk and High-Risk process exclusions

Environment

Summary

Problem

Solution

Related Information

Affected Products

Languages:

Title

Title

Knowledge Center

How to create Low-Risk and High-Risk process exclusions

Environment

Summary

Problem

Solution

Related Information

Affected Products

Languages:

Choose your region

Title

Title