AV Exclusions on Windows

How to apply the AV exclusion on Windows OS for the BigFix Platform core components.

Note: The default value for <installation path> is C:\Program Files (x86)\BigFix Enterprise.
  • On the BigFix Server

    The following folder and sub folder paths should be excluded:

    <installation path>\BES Server*

    C:\Windows\Temp\tem*.tmp*

    Additionally the following processes should be excluded as well:

    <installation path>\BESGather.exe (for version up to 9.5.7)

    <installation path>\BES Server\BESRootServer.exe

    <installation path>\BES Server\BESWebReportsServer.exe

    <installation path>\BES Server\BESAdmin.exe

    <installation path>\BES Server\FillDB.exe

    <installation path>\BES Server\GatherDB.exe

  • On the BigFix Relay

    The following folder and sub folder paths should be excluded:

    <installation path>\BES Relay*

    Additionally the following processes should be excluded as well:

    <installation path>\BES Relay\BESRelay.exe

  • On the BigFix Client

    The following folder and sub folder paths should be excluded:

    <installation path>\BES Client*

    Additionally the following processes should be excluded as well:

    <installation path>\BES Client\BESClient.exe

    <installation path>\BES Client\BESClientUI.exe

    Optionally the following process should also be excluded if the following component is installed within the BES Client directory:

    <installation path>\BES Client\BESClientHelper.exe

    Optionally the following process should also be excluded if leveraging the QNA component within the BES Client directory:

    <installation path>\BES Client\qna.exe

  • On the BigFix Console

    The following folder and sub folder paths should be excluded: this primary AV exception for the console relates to the console cache directory. This directory by default is located within the users profile path. For example:

    %LOCALAPPDATA%\BigFix*

    The user BigFix Console cache location is configurable as well via a registry setting (this may make it easier to apply AV exclusions in some AV and heuristics products). More information on this configuration can be found in Altering BigFix Console cache location.

    Additionally the following processes and files should be excluded as well:

    <installation path>\BES Console\BESConsole.exe

    %LOCALAPPDATA%\Temp\*\tem*.tmp

    %LOCALAPPDATA%\Temp\tem*.tmp

    Optionally the following directory should also be excluded if leveraging the QNA component within the BigFix Console directory:

    <installation path>\BES Console\QNA*

    Additionally, the following processes:

    <installation path>\BES Console\QNA\FixletDebugger.exe

  • On the BigFix WebUI Server

    The following folder and sub folder paths should be excluded:

    <installation path>\BES WebUI*

    Additionally the following processes should be excluded:

    <installation path>\BES WebUI\WebUIService.exe

    <installation path>\BES WebUI\WebUI\node.exe