Loading...

Knowledge Center


VirusScan Enterprise exclusions for Symantec Backup Exec
Technical Articles ID:  KB68701
Last Modified:  11/20/2014
Rated:


Environment

McAfee VirusScan Enterprise 8.x
Symantec Backup Exec

Summary

Backup programs such as Backup Exec touch a large number of files. This can cause performance issues if each read and write operation triggers a scan by the VirusScan Enterprise On-Access Scanner. This article explains how to add Low Risk Processes policies and exclusions for Backup Exec in VirusScan Enterprise.

Solution

Add Low Risk Processes policies and exclusions for Backup Exec, and add Access Protection exclusions for Backup Exec.

Step 1 -
Add Low risk exclusions for Backup Exec

  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click On-Access Scanner.
  3. Select All Processes.
    If All Processes is not available, continue with item 6 below.
  4. Click Processes.
  5. Select Use different settings for high-risk and low-risk processes.
  6. Select Low-Risk Processes.
  7. In the Processes tab, click Add.
  8. Click Browse and navigate to each of the following Low-Risk Processes and click Open:

    C:\Program Files\Symantec\Backup Exec\beremote.exe
    C:\Program Files\Symantec\Backup Exec\beserver.exe
    C:\Program Files\Symantec\Backup Exec\bengine.exe
    C:\Program Files\Symantec\Backup Exec\benetns.exe 
    C:\Program Files\Symantec\Backup Exec\pvlsvr.exe
    C:\Program Files\Symantec\Backup Exec\BkUpexec.exe

    NOTE: Change the path as appropriate, depending on which root volume the Media Server or Remote Agent has been installed.

     
  9. When all of the above processes have been added, with Low-Risk Processes selected, select the Scan items tab.
  10. Deselect When writing to disk and When reading from disk


Step 2 -
Exclude Backup Exec paths from scanning

  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click On-Access Scanner.
  3. Select Default Processes.
  4. In the Exclusions tab, click Exclusions, Add.
  5. Under What to exclude, select By name/location.
  6. Click Browse to select:

    C:\Program Files\Symantec\Backup Exec\

     
  7. Add two asterisks (**) to the path as wildcards after each path has been added.

    Example:

    C:\Program Files\Symantec\Backup Exec\**

     
  8. Select Also exclude subfolders.
  9. Under When to exclude, select On read and On write.

Step 3 - Configure McAfee not to scan files open for backup
  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click On-Access Scanner.
  3. Select Default Processes.
  4. In the Scan Items tab, under Scan files, deselect Opened for backup.
  5. Repeat this for Low-Risk Processes and High-Risk Processes.
  6. Click OK.

    NOTE:  Disable the Opened for Backup option on Media Servers and Remote Agents. This can be done locally or using ePolicy Orchestrator.

Step 4 -
Configure McAfee to allow Backup Exec to use tftp.
The Access Protection rule "Anti-virus Standard Protection --> Prevent use of tftp.exe" is disabled by default. If it is enabled, the following exclusions must be added:
  1. Click Start, Programs, McAfee, VirusScan Console.
  2. Double-click Access Protection.
  3. Select Anti-virus Standard Protection.
  4. Select Prevent use of tftp.exe, and click Edit.
  5. In the Processes to exclude: box, add the Backup Exec process names separated by a comma:

    beremote.exe, beserver.exe, bengine.exe, benetns.exe, pvlsvr.exe, BkUpexec.exe


  6. Click OK to save and close both windows.

Rate this document

Did this article resolve your issue?

Please provide any comments below

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.