Interoperability with Symantec Antivirus

Description

To learn how to exclude files and folders please see Capture Client Interoperability Issues with Third Party Applications.

Resolution

Items to exclude from Capture Client:

  • General Items - More Vulnerability

    • C:\ProgramData\Symantec\Symantec Endpoint Protection\

    • C:\Program File*\Symantec\Symantec Endpoint Protection\

  • Specific Items - More Secured

    • C:\Program Files (x86)\Symantec\Symantec Endpoint Protection*\Bi*.exe

      where the number can be changed to the installed version on the machine.

      Example: \ProgramData\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\

To exclude Capture Client from Symantec:

  1. Exclude these folders and the update file:

    • C:\Program Files\SentinelOne

    • C:\ProgramData\Sentinel

    • C:\Documents and Settings\All Users\Application Data\Sentinel (ProgramData for 2003 and legacy agents )

    • C:\Windows\Temp\SentinelInstaller.exe

    Note: Make sure to exclude subfolders. Some solutions automatically exclude subfolders, but others require explicit notation.

  2. Exclude the SentinelOne Agent kernel-mode driver, service, and dynamic library:

    • Kernel-Mode driver: SentinelMonitor.sys

    • Windows Service: SentinelAgent.exe

    • 32-bit DLL: InProcessClient32.dll

    • 64-bit DLL: InProcessClient64.dll

Related Articles

  • Capture Client - System Requirements
    Read More
  • Capture Client – Migrate local CMC user login to MySonicWall account login
    Read More
  • Integration of CFS 5.0 Support in Capture Client
    Read More

Categories

Endpoint Security
Capture Client
Network
not finding your answers?
Ask the Community