After you install DLP Endpoint, if the scanning significantly affects your system performance, you might need to exclude DLP Endpoint content from scans. This article contains a list of DLP Endpoint processes and folders that can be excluded from the ENS scan or VSE scanning engine.
DLP Endpoint processes to exclude:
Create an on-access scanner low-risk process exclusion for the following DLP Endpoint processes. Disable scanning when writing to or reading from disk.
- fcags.exe
- fcagte.exe
- fcagswd.exe
- fcag.exe
NOTE: The default location for these processes is:
C:\Program Files\McAfee\DLP\Agent
DLP Endpoint folder to exclude:
Create an exclusion for the following DLP Endpoint folder:
C:\ProgramData\McAfee\DLP\
DLP Endpoint for Mac folders to exclude:
Create an exclusion for the following DLP Endpoint for Mac folders:
/usr/local/McAfee/DlpAgent/
/etc/cma.d/DATALOSS2000/
/usr/local/McAfee/fmp/config/DlpAgent/
How to configure exclusions in ENS and VSE:
When you configure exclusions, always apply the principle that the more precise the exclusion, the smaller the potential security risk. For instructions to configure exclusions, see the following documentation: