SYSTEM CENTER 2012 R2 Operations Manager - Anti-Virus Exclusions
The Anti-Virus exclusions should be part of common day to day administrative tasks of Anti-Virus solutions to avoid scanning procedures targeted to not harmful or critical and overloaded processes.
Excluding monitoring components from scanning ensures Anti-Virus tools do not block, interfere or skew monitoring data generated on Operations Manager Agents.
IT Administrators should implement specific exclusions.
The following table highlights the recommendations with regards to System Center 2012 R2 - Operations Manager:
Context |
Exclusions |
Management Servers |
Folders (including subfolders): Operations Manager installation folder. Default: "C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server\" File Types: EDB, CHK, LOG Processes (See Note 1) : CShost.exe, Microsoft.Mom.Sdk.ServiceHost.exe, HealthService.exe, MonitoringHost.exe |
Gateway Servers |
Folders (including subfolders): Operations Manager installation folder. Default: "C:\Program Files\System Center Operations Manager\Gateway\" File Types: EDB, CHK, LOG Processes (See Note 1) : HealthService.exe, MonitoringHost.exe |
Windows Agents |
Folders (including subfolders): Operations Manager installation folder. Default: "C:\Program Files\Microsoft Monitoring Agent" File Types: EDB, CHK, LOG Processes (See Note 1) : HealthService.exe, MonitoringHost.exe |
Operations Manager Database Servers |
(Windows Agent exclusions) + File Types: MDF, LDF |
Important Note 1:
Process name exclusions could potentially prevent some dangerous programs from being detected. Therefore exclusions based on processes might expose to security issues and should be avoided.
More information could be found here: https://support.microsoft.com/kb/975931 (*)
(*) Please note that by the time of release of this blog post the referenced article (975931) just included SCOM 2012 information. - The article has been updated yesterday 03/Dec/2013