Technical Library
|
Support
Quick Reference
> Excluding Websense files from antivirus scans
Excluding Websense files from antivirus scans
Deployment and Installation Center | Web, Data, and Email Security Solutions | Version 7.8.x
In this topic:
Web Security
Data Security
Email Security
Antivirus scanning can degrade the performance of Websense components. This article lists folders and files that should be excluded from antivirus scans.
Please note:
Websense is not aware of a risk in excluding the files or folders that are mentioned in this section from your antivirus scans. However, it is possible that your system would be safer if you did not exclude them.
When you scan these files, performance and operating system reliability problems may occur because of file locking.
Do not exclude any files based on the filename extension. For example, do not exclude all files that have a .dit extension.
All the files and folders that are described in this section are protected by default permissions to allow only SYSTEM and administrator access, and they contain only operating system components. Excluding an entire folder maybe simpler but may not provide as much protection as excluding specific files based on file names.
Refer to your antivirus vendor's documentation for instructions on excluding files from scans.
Note
During installation of Websense products, disable antivirus software altogether. After installation, be sure to re-enable antivirus software.
Web Security
It is a best practice to exclude the Websense installation directory (includes subdirectories) from antivirus scans. By default this directory is:
Windows
:
*:\Program Files\Websense
or
*:\Program Files (x86)\Websense
Linux
:
/opt/Websense/
Data Security
It is a best practice to exclude the following (includes subdirectories) from antivirus scans.
The Websense installation folder, which is one of the following:
*:\Program Files\Websense
*:\Program Files (x86)\Websense
*:\Program files\Microsoft SQL Server\*.*
C:\Documents and Settings\<user>\Local Settings\Temp\*.*
%WINDIR%\Temp\*.*
The forensics repository (configurable; defaults to Websense folder)
On non-management servers, such as Data Security analyzers, exclude the following directories from antivirus scanning:
The folder where Data Security was installed. By default, this is one of the following:
Program Files\Websense\
Program Files (x86)\Websense\*.*
*:\Inetpub\mailroot\*.* - (typically at the OS folder)
*:\Inetpub\wwwroot\*.* - (typically at the OS folder)
C:\Documents and Settings\<user>\Local Settings\Temp\*.*
%WINDIR%\Temp\*.*
The forensics repository (configurable; defaults to Websense folder)
Note
This document lists the default installation folders. You can configure the software to install to other locations.
The FP-Repository folder is usually located inside the installation folder.
The following directories should be excluded from the antivirus software that is deployed to endpoint clients:
The endpoint installation folder
Endpoint processes: wepsvc.exe and dserui.exe
EndpointClassifier.exe and kvoop.exe
Email Security
It is a best practice to exclude the Websense installation folder (includes subfolders), by default:
*:\Program Files\Websense
or
*:\Program Files (x86)\Websense
Also exclude any Data Security folders that apply (see
Data Security
above).
Quick Reference
> Excluding Websense files from antivirus scans
Copyright 2016 Forcepoint LLC. All rights reserved.