Loading...

Knowledge Center


Endpoint Security and VirusScan Enterprise exclusions for Data Loss Prevention Endpoint to improve performance
Technical Articles ID:   KB68520
Last Modified:  11/8/2018
Rated:


Environment

McAfee Data Loss Prevention Endpoint (DLP Endpoint) 11.x, 10.x
McAfee Endpoint Security (ENS) Threat Prevention 10.x
McAfee VirusScan Enterprise (VSE) 8.x

Summary

After you install DLP Endpoint, if scanning significantly affects your system performance, you might need to exclude DLP Endpoint content from scans. This article contains a list of the DLP Endpoint processes and folders to exclude from being scanned by the ENS or VSE scanning engine.

DLP Endpoint processes to exclude:
Create an on-access scanner low-risk process exclusion for the following DLP Endpoint processes. Disable scanning when writing to or reading from disk.
  • fcags.exe
  • fcagte.exe
  • fcagswd.exe
  • fcag.exe
NOTE: The default location for these processes is:

C:\Program Files\McAfee\DLP\Agent
 
DLP Endpoint folder to exclude:
Create an exclusion for the following DLP Endpoint folder:
 
C:\ProgramData\McAfee\DLP\
 
DLP Endpoint for Mac folders to exclude:
Create an exclusion for the following DLP Endpoint for Mac folders:
 
/usr/local/McAfee/DlpAgent/
/etc/cma.d/DATALOSS2000/
/usr/local/McAfee/fmp/config/DlpAgent/

How to configure exclusions in ENS and VSE:
When configuring exclusions, always apply the principle that the more precise the exclusion, the smaller the potential security risk. For instructions to configure exclusions, see the following documentation:
  • ENS: "Preventing Threat Prevention from blocking trusted programs, networks, and services" section of the Endpoint Security 10.6.x Threat Prevention Product Guide (ePO managed) (PD27574)
  • VSE:
    • KB66909 - Consolidated list of Endpoint Security and VirusScan Enterprise exclusion articles
    • KB55898 - Understanding VirusScan Enterprise Exclusions
    • KB67544 - How to create low-risk and high-risk process exclusions for VirusScan Enterprise 8.x in ePolicy Orchestrator
    • KB50998 - How to manage file and folder exclusions in VirusScan Enterprise 8.x using wildcards
    • KB61000 - VirusScan Enterprise exclusions and hardware paths (physical address versus logical address)

Rate this document

Languages:

This article is available in the following languages:

English United States
Japanese

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.