Endpoint Protection

 View Only
  • 1.  Scan exclusions for Oracle

    Posted Nov 15, 2011 09:56 AM

    Hi

    I'm using SAV CE 10.1.8.  I need to setup SAV clients on some servers which will run Oracle DBs.

    Any suggestions please as to which DB files will need to be excluded from autoprotect and scheduled scans?  So far I'm aware of the need to exclude these extensions:

    Oracle data files    *.dbf
    Oracle log files        *.log
    Oracle redo files    *.rdo
    Oracle control files    *.ctl

    Are there any others that I need to include on that list?

    thanks.



  • 2.  RE: Scan exclusions for Oracle

    Trusted Advisor
    Posted Nov 15, 2011 10:27 AM

    Hello,

     

    The Following Article speaks on Exceptions required for the Oracle with Symantec Endpoint Protection

    http://www.symantec.com/docs/TECH134383

    Please check this Article for SAV 10.x:

    Creating exceptions in Symantec AntiVirus (SAV) 10.x

    http://www.symantec.com/docs/TECH99955

    https://www-secure.symantec.com/connect/articles/creating-exceptions-symantec-antivirus-sav-10x

    Unforunately, Extension Exclusions could not be made from Symantec System Center Console.

    You may have to create Extension Auto-Protect exclusions on an individual computer, by following the article above.

    Hope that helps!!



  • 3.  RE: Scan exclusions for Oracle
    Best Answer

    Posted Nov 15, 2011 01:32 PM

    The Exlusions tha you have is as per best Practice

    Check the doc below. Also As you are excluding Extensions like *.log I would suggest create Group for oracle and tag these Oracle Servers to that group.

     

    Check this doc

     

    What scan exclusions could be applied to an Oracle database server running Symantec Antivirus or Symantec Endpoint Protection

     http://www.symantec.com/docs/TECH134383



  • 4.  RE: Scan exclusions for Oracle

    Posted Nov 17, 2011 11:56 AM

    Hi Vikram

    Thanks for you reply - I will be assigning the Oracle their own group.  Presumably you suggest a group is used since .log files are easy infection tagets?



  • 5.  RE: Scan exclusions for Oracle

    Posted Nov 17, 2011 01:03 PM

    Not that easy target but because * .log is a very common file and excluding *.log organization wide will be not a good idea in security terms.

    Having Similar typs of servers in a group is a good practice..in this way it is easy to Manage, Identify and Administer them.



  • 6.  RE: Scan exclusions for Oracle

    Posted Nov 28, 2011 11:51 AM

    Very helpful info - many thanks for your help.