After you install DLP Endpoint, if the scanning significantly affects your system performance, you might need to exclude DLP Endpoint content from scans. This article contains a list of DLP Endpoint processes and folders that can be excluded from the ENS scan.
DLP Endpoint processes to exclude:
Create an on-access scanner low-risk process exclusion for the following DLP Endpoint processes. Disable scanning when writing to or reading from disk.
- fcpst.exe
- fcnm.exe
- fcags.exe
- fcagte.exe
- fcagswd.exe
- fcag.exe
NOTE: The default location for these processes is shown below:
C:\Program Files\McAfee\DLP\Agent\
DLP Endpoint folders to exclude:
On the same on-access scan policy, create a low-risk exclusion for the following DLP Endpoint folders (including subfolders):
C:\ProgramData\McAfee\DLP\
C:\Program Files\McAfee\DLP\Agent\
DLP Endpoint for Mac folders to exclude:
Create an exclusion for the following DLP Endpoint for Mac folders:
/usr/local/McAfee/DlpAgent/
/etc/cma.d/DATALOSS2000/
/usr/local/McAfee/fmp/config/DlpAgent/
How to configure exclusions in ENS:
When you configure exclusions, always apply the principle that the more precise the exclusion, the smaller the potential security risk. For instructions to configure exclusions, see the "Preventing Threat Prevention from blocking trusted programs, networks, and services" section of the
Endpoint Security Threat Prevention Product Guide.
