There are some scenarios where you might need to exclude DLP Endpoint content from scans.
Scenario 1:
Since DLP is a security application, no other applications must interfere with its processes, especially antivirus.
Scenario 2:
After you install DLP Endpoint, it's also possible that the antivirus scanner significantly affects your system performance.
This article contains a list of DLP Endpoint processes and folders that can be excluded from the ENS scan. For other antivirus and monitoring applications, consult with your application support.
DLP Endpoint processes to exclude:
Create an on-access scanner low-risk process exclusion for the following DLP Endpoint processes. Disable scanning when writing to or reading from disk.
- fcpst.exe
- fcnm.exe
- fcags.exe
- fcagte.exe
- fcagswd.exe
- fcag.exe
NOTE: The default location for these processes is as follows:
C:\Program Files\McAfee\DLP\Agent\
DLP Endpoint folders to exclude:
On the same on-access scan policy, create a low-risk exclusion for the following DLP Endpoint folders (including subfolders):
C:\ProgramData\McAfee\DLP\
C:\Program Files\McAfee\DLP\Agent\
DLP Endpoint for Mac folders to exclude:
Create an exclusion for the following DLP Endpoint for Mac folders:
/usr/local/McAfee/DlpAgent/
/etc/cma.d/DATALOSS2000/
/usr/local/McAfee/fmp/config/DlpAgent/
How to configure exclusions in ENS:
When you configure exclusions, always apply the principle that the more precise the exclusion, the smaller the potential security risk. For instructions to configure exclusions, see the
Preventing Threat Prevention from blocking trusted programs, networks, and services section in the
Endpoint Security Threat Prevention Product Guide.
