|
Sorry, should have included these in my original message:
Microsoft Windows recommended exclusions: http://support.microsoft.com/kb/822158
That should cover the main OS components like Domain Services, DNS, WINS,
DHCP, and FRS/DFS.
Exchange exclusions: http://support.microsoft.com/kb/823166
Basically you need to exclude the datastore, database, and log files from
the real-time scanning engine since it will look like senseless garbage.
Eset doesn't give guidelines for anything more specific than make sure
database and log files are excluded from scanning. If you start encountering
problems, I recommend you grab a copy of Process Monitor
http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx and filter
down to file system activity coming from the ekrn.exe process. Look for
files that are continuously being scanned (I've seen some odd ones like
Thinkpad software that is continuously writing to a .log file causing
problems) and set up additional exclusions if you are seeing something flood
the log with excessive scanning activity. v4 has a statistics view that will
tell you what is being accessed in the filesystem that may also help you
diagnose these sorts of issues if you are on that version.
I have heard some rumblings about issues with high-volume DFS shares and v4,
though getting the exclusions set up correctly are among the most complex so
I can't determine at this point if there is a problem with the product or
just misconfiguration errors. Unfortunately I do not have a high-volume FRS
environment to test it with personally.
|
