Loading...

Knowledge Center


Endpoint Security/VirusScan Enterprise exclusions for Lotus Domino and Security for Lotus Domino 7.5.3
Technical Articles ID:   KB73026
Last Modified:  7/19/2018
Rated:


Environment

McAfee Endpoint Security (ENS) Threat Prevention 10.x
McAfee Security for Lotus Domino 7.5.3
McAfee VirusScan Enterprise (VSE) 8.x
IBM Lotus Domino 9.0.x, 8.5.x, 8.0.x

Summary

Required Endpoint Security/VirusScan Exclusions when using IBM Lotus Domino or Security for Lotus Domino and ePolicy Orchestrator (ePO)
IMPORTANT: If you add exclusions by typing, you must append a backslash (\) to the end of folder exclusions. The backslash is automatically added for folder exclusions created using the VirusScan Console when browsing. Also see KB66909 - Consolidated list of Endpoint Security/VirusScan Enterprise exclusion articles. 

NOTE: McAfee Security For Lotus Domino can be used "with" and "without" the Anti-Spam add-on; the folder structure of the product does not change whether or not it is used.
  
Quick Reference Table for
Endpoint Security/VirusScan Required Exclusions
 
Application
Exclusion Examples
Exclusion Type
VirusScan Default Exclusion Path
Security for Lotus Domino 7.5.3
**\Security for Lotus Domino\bin
Folder
c:\Program Files\ (x86)McAfee\Security for Lotus Domino\bin
Security for Lotus Domino 7.5.3
**\Config\
Folder
c:\Program Files (x86)\McAfee\Security for Lotus Domino\Config\
Security for Lotus Domino 7.5.3
**\MSDWData\
Folder
c:\Program Files (x86)\McAfee\Security for Lotus Domino\Data\MSDWData\
Security for Lotus Domino 7.5.3
**\Temp\mfe\
Folder
 C:\WINDOWS\Temp\mfe\
IBM Lotus Domino 9.0.x, 8.5.x
*.NLO
File
..\Notes\Data\DAOS\0001\
IBM Lotus Domino R9.0x, R8.5.x, R8.0.x
<Drive:>\<path>\<Database>\
<Drive:>\<path>\
File
Folder
..\<Transaction_Logging\Database>\
..\<Transaction_Logging>\
IBM Lotus Domino R9.0.x, R8.5.x, R8.0x
*\Domino\Data\
Folder
..\Lotus\Domino\Data\
IBM Lotus Domino R9.0.x, R8.5.x, R8.0x
**\NOTES*\ (with the subfeature Also exclude subfolders enabled)
Folder
%TEMP%\Notes######\
 
NOTES:
  • Replace <Drive:> with the drive letter the folder exists on.
  • Replace <Folder_Name> with the actual folder the file or database resides in.
Breakdown of Exclusions
Security for Lotus Domino 7.5.3 (Working Directory)
 
Application
Security for Lotus Domino 7.5.3
Exclusion:
**\Security for Lotus Domino\bin
Default path:
C:\Program Files (x86)\McAfee\Security for Lotus Domino\bin
Details:
General working folder for Security for Lotus Domino 7.5.3

 

Security for Lotus Domino 7.5.3 (Config Directory)

Application:
Security for Lotus Domino 7.5.3
Exclusion:
**\Config\
Default path:
C:\Program Files (x86)\McAfee\Security for Lotus Domino\Config\
Details:
Configuration folder for Security for Lotus Domino 7.5.3

 

Security for Lotus Domino 7.5.3  (Quarantine Directory)
 
Application:
Security for Lotus Domino 7.5.3
Exclusion:
**\MSDWData\
Default path:
C:\Program Files (x86)\McAfee\Security for Lotus Domino\Data\MSDWData\
Details:
This folder is used whether McAfee Quarantine Manager is used or not - when Security for Domino is configured to use McAfee Quarantine Manager (MQM) the MSDWData folder db is still used as a local "logging only" database and temporary storage area if connection to MQM is briefly unavailable.
 
IMPORTANT: If you change the default path to the quarantine directory using the Security for Lotus Domino Product Configuration manager, ensure that you modify the VirusScan exclusions to reflect the custom folder path.

 

IBM Lotus Domino (Transaction Logging Directory\<File>)
 
Application:
IBM Lotus Domino R9, R8.5, R8
Exclusion:
<Drive:>\<Folder_Name>\
Default path:
Not available
Details:
IMPORTANT: Transaction Logging should not be located in the Domino DATA folder. Lotus recommends the folder be created on a separate physical drive to avoid having an impact on the server's performance. Please refer to the Lotus Domino Administrator's Guide for instructions on enabling Transaction Logging.
 
To identify whether Transaction Logging has been enabled, check the NOTES.INI file on the Domino Server for the following statements:

TRANSLOG_Status=1
TRANSLOG_Path=<x:Path_To_Log_Database>

 

IBM Lotus Domino R9, R8.5, and R8 (Data Directory)
 
Application:      
IBM Lotus Domino R9, R8.5, R8
Exclusion:
*\Domino\Data\
Default path:
C:\Program Files\IBM\Lotus\Domino\Data\
Details: 
This is the Data folder where only Domino databases are stored. No executables exist in this folder and all Domino databases are protected by the McAfee Security for Lotus Domino On-Access Database Scanner and do not need Endpoint Security/VirusScan Enterprise to scan the databases in this folder. This folder should be excluded from On-Access and On-Demand Scanning by the desktop anti-virus software.

 

IBM Lotus Domino on R9, R8.5, and R8 (Temporary folder)
 
Application
IBM Lotus Domino R9, R8.5, R8
Exclusion:
**\NOTES*\ with the subfeature "Also exclude subfolders"
Default path:
Lotus Domino TEMP Folder
 
When Domino Server started as a service:
%TEMP%Notes######

When Domino Server started as an application or under an account other than the system account:
\Document And Settings\<UserProfile>\Local Settings\Temp\Notes######\
Details:
The Lotus Domino R9/R8.5/R8 Servers by default have the temporary folder recreated each time the Domino Server is restarted with a new NOTES##### (##### = Random Hexadecimal value).
 
Solution 1:
Use wildcard commands to exclude the temp NOTES###### folders using the following exclusion in Endpoint Security/VirusScan Enterprise:
 
**\NOTES*\ (with the subfeature Also exclude subfolders enabled)
 
Solution 2:
  1. Edit the Domino Server's NOTE.INI.
  2. Add the following statement and specify a path: NOTES_TEMPDIR=c:TempDomino
  3. Save the changes.
  4. Restart the Domino Server for the changes to take effect.

Rate this document

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.