12-09-2018 08:02 AM
I'm running Centrify Privilege Access version 18.10 on-premise in Win Server 2016 with Trend Micro AntiVirus installed on both Servers. I've noticed a slowness in CPS performance and decided to deactivate the AntiVirus for a while and the slowness faded!
Anyone knows what the Directory exclusions to include in Trend Micro? instead of just excluding the whole Centrify Directory in Program Files and Program Data.
PS: I'm new to Centrify :)
Solved! Go to Solution.
12-10-2018 09:08 AM
This is a great question.
Note that the PAS setup script will automatically add the exclusions for Windows Defender.
Ideally you'd exclude the location of the database and transaction log. (Defaults to \ProgramData\Centrify\Centrify Identity Platform in the Data and Logs folders respectively); however these locations will change in a clustered scenario.
I'd also exclude the scripts folder.
I see this post has been escalated too, so you'll get a more detailed answer from them.
12-17-2018 08:19 AM
Regarding how to configure TrendMicro, please see the steps below you can follow for excluding both connector and cloud paths from Trend Micro's scanning.
For the Connector:
- In the policy for the machine running the connector I added "C:\Program Files\Centrify" to the Approved Program List under Exceptions.
For the cloud/portal:
- Under Global settings --> Approved/Blocked Settings add https://<opieportalurl>/* to the Approved URLs
The portal url exclusion should be done at the global level and pushed to all agents running so that wherever this portal is accessed from if an agent is running on that machine it will be excluded from scanning.