Best Practice for Endpoint Agents with Antivirus Protection

Run another search:
You are here:
< Back

With a typical antivirus program, excluding a folder prevents the AV program from monitoring data that are written to, or read from, the folder.

Excluding a binary or executable file prevents the AV engine monitoring executable during read and write operations.

It is recommended to whitelist all of the processes, files, and folders that are listed below.

Windows

Endpoint Agent Installation Location C:\Program Files\Manufacturer\Endpoint Agent
Endpoint Agent Temp Folder Location C:\Program Files\Manufacturer\Endpoint Agent\temp
Processes edpa.exe
wdp.exe
cui.exe
cuil.exe
kvoop.exe
brkrprcs.exe
brkrprcs64.exe
prcs32.exe
Drivers vfsmfd.sys
vrtam.sys
vnwcd.sys
Files C:\Program Files\Manufacturer\Endpoint Agent\*.ead

MacOS

Endpoint Agent Installation Location /Library/Manufacturer/Endpoint Agent
Endpoint Agent Temp Folder Location /Library/Manufacturer/Endpoint Agent/Temp
Processes edpa
wdp
cui
kvoop
Drivers N/A
Files /Library/Manufacturer/Endpoint Agent/*.ead
Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?