My fellow Citrite Dimitrios Samorgiannidis has written an excellent post on what the correct anti-virus exclusions are for a PVS environment. Here’s the first paragraph of his blog on the Citrix blogs.
It should be noted that there are some different file names for various OS, and that some files doesn’t exist for some versions. I have tried to document everything as good as possible based upon some notes that I have taken over the years – however I still recommend that you review the recommendation below so they actually match your system. It should also be noted that some of the exclusions depends for example on the setup used, default paths, operating systems in combination with product version etc.
A few recommended Server Side file exclusions.
C:WindowsSystem32driversCVhdBusP6.sys => (PVS 6.1)
C:WindowsSystem32driversCVhdBus2.sys => (PVS 5.6)
C:WindowsSystem32driversCFsDep2.sys => (PVS 5.6 and PVS 6.1)
C:Program FilesCitrixProvisioning ServicesBNTFTP.EXE => (PVS 5.6 and PVS 6.1)
C:ProgramDataCitrixProvisioning ServicesTftpbootARDBP32.BIN => (PVS 5.6 and PVS 6.1)
D:Store => ( i.e. local vdisk store)
Read the entire list of exclusions here.
Citrix has created an overview of the communication ports used for their VDI-in-a-Box software.
The following table lists a brief description of each component and what network ports and protocols are used: Continue reading “Communication ports used by VDI-in-a-Box 5.1”
When you have Hyper-V servers running with an anti-virus product on the host server please take a look at the following recomendations to keep Hyper-V running as optimal as possible.
- Default virtual machine configuration directory (C:ProgramDataMicrosoftWindowsHyper-V)
- Custom virtual machine configuration directories
- Default virtual hard disk drive directory (C:UsersPublicDocumentsHyper-VVirtual Hard Disks)
- Custom virtual hard disk drive directories Continue reading “Hyper-V anti-virus exclusions”
The following list is files and folders that do not need to be scanned. These files are not at risk of infection and might cause serious performance issues due to file locking, if included. Where a specific set of files is identified by name, exclude only those files instead of the whole folder. Sometimes the whole folder must be excluded. Do not exclude any of these based on the filename extension. Continue reading “Recommended exclusions for virusscanner on a Windows Domain Controller with Active Directory or File Replication Service.”
Allways searching for the exclusion list for all the MS products? Never find the right exclusions? Don’t look any further, here’s a list with the exclusions for the most popular MS products.