Symantec Endpoint Protection (SEP) 12.1.5 Antivirus Exclusion – Windows Server 2012 R2 – Citrix XenApp 7.6

Antivirus exclusions are an important step in deploying server-based technologies. An organization's performance needs are just as critical as security. Antivirus protection on physical XenApp servers hosting applications and shared desktops can be a challenge when the appropriate exclusions are not set up, because performance and availability can suffer drastically. Issues that exclusions help avoid include hanging user sessions, long delays at logon and logoff, long delays launching apps, server unresponsiveness, etc.

For a deployment of the XenApp 7.6 VDA on the Windows Server 2012 R2 platform at a healthcare organization, the following resources were reviewed to identify what to add to the exclusion policy in Symantec Endpoint Protection Manager. The links below refer to best practices as recommended by Symantec, Citrix, Microsoft and, in the case of a healthcare organization using Intergy, Sage.


https://support.symantec.com/en_US/article.TECH91070.html

https://www.citrix.com/blogs/2013/09/22/citrix-consolidated-list-of-antivirus-exclusions/

https://support.citrix.com/article/CTX127030

http://social.technet.microsoft.com/wiki/contents/articles/18439.terminal-server-antivirus-exclusions.aspx

http://www.millennium-mb.com/files/Sage_Intergy_EHR_EMR_New_Jersey_York_Medical_Billing.pdf

Note that the registry fix described in the first link is performed after the SEP 12.1.5 client is installed on the XenApp 7.6 VDA server.

The fourth link down refers to the antivirus exclusions recommended by Microsoft for Terminal Servers. We were unable to find an updated list for Remote Desktop Services on Windows Server 2012 R2, but some of the previous exclusions will still apply.

The same is true for Intergy/Intergy EHR exclusions. Previous exclusions for earlier versions of Intergy still apply to newer versions.

Lastly, while all of the previous file exclusion recommendations come from the product vendors mentioned earlier, it is worth noting that some exclusions will technically make your server more vulnerable to attacks. Thus, antivirus software on XenApp 7.6 VDA servers should be only one part of a larger, more robust enterprise security plan.
