AV Exclusions on Windows

How to apply the AV exclusion on Windows OS for the BigFix Platform core components.

Note: The default value for <installation path> is C:\Program Files (x86)\BigFix Enterprise.
  • On the BigFix Server

    The following folder and sub folder paths should be excluded:

    <installation path>\BES Server*

    C:\Windows\Temp\tem*.tmp*

    Additionally the following processes should be excluded as well:

    <installation path>\BESGather.exe (for version up to 9.5.7)

    <installation path>\BES Server\BESRootServer.exe

    <installation path>\BES Server\BESWebReportsServer.exe

    <installation path>\BES Server\BESAdmin.exe

    <installation path>\BES Server\FillDB.exe

    <installation path>\BES Server\GatherDB.exe

  • On the BigFix Relay

    The following folder and sub folder paths should be excluded:

    <installation path>\BES Relay*

    Additionally the following processes should be excluded as well:

    <installation path>\BES Relay\BESRelay.exe

  • On the BigFix Client

    The following folder and sub folder paths should be excluded:

    <installation path>\BES Client*

    Additionally the following processes should be excluded as well:

    <installation path>\BES Client\BESClient.exe

    <installation path>\BES Client\BESClientUI.exe

    Optionally the following process should also be excluded if leveraging the QNA component within the BES Client directory:

    <installation path>\BES Client\qna.exe

  • On the BigFix Console

    The following folder and sub folder paths should be excluded: this primary AV exception for the console relates to the console cache directory. This directory by default is located within the users profile path. For example:

    %LOCALAPPDATA%\BigFix*

    The user BigFix Console cache location is configurable as well via a registry setting (this may make it easier to apply AV exclusions in some AV and heuristics products). More information on this configuration can be found here: Altering BigFix Console cache location

    Additionally the following processes and files should be excluded as well:

    <installation path>\BES Console\BESConsole.exe

    %LOCALAPPDATA%\Temp\tem*.tmp

    Optionally the following directory should also be excluded if leveraging the QNA component within the BigFix Console directory:

    <installation path>\BES Console\QNA*

    Additionally, the following processes:

    <installation path>\BES Console\QNA\FixletDebugger.exe

  • On the BigFix WebUI Server

    The following folder and sub folder paths should be excluded:

    <installation path>\BES WebUI*

    Additionally the following processes should be excluded:

    <installation path>\BES WebUI\WebUIService.exe

    <installation path>\BES WebUI\WebUI\node.exe