Recommendations on configuring Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition running with Citrix Presentation Server on a single server

 

Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition

 
 
 

Recommendations on configuring Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition running with Citrix Presentation Server on a single server

Back to "Settings / How to"
2014 Mar 14 ID: 4578
 
 
 
 
This article contains recommendations by Citrix specialists on configuring antivirus software installed on a single server with Citrix Presentation Server. These recommendations have been tailored for Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition.
  • Set the task Real-time file protection to scan objects in Smart mode (right-click the task Real-time file protection, select Properties, tab General).
  • Set the task Real-time file protection to scan local disks only.
  • Exclude pagefile from scan in the task Real-time file protection.
  • Exclude Print Spooler directory from scan in the task Real-time file protection. Tasks will be processed faster in this case.
  • If you agreed to add certain system folders into trusted zone during Anti-Virus installation (Microsoft recommendations), this folder is already excluded from scan in all Anti-Virus tasks.
  • Exclude the folder \Program Files\Citrix from scan in the task Real-time file protection. This folder houses access cache for local hosts and Resource Manager database.
  • If you are using ICA pass-through connections, exclude folders Presentation Server Client and Documents and Settings\<account_name>\Application Data\ICAClient\Cache (bitmap images folder) from scan by local Anti-Virus on client hosts.
  • If users connect to server by RDP, delete the value Anti-Virus system tray load indicator (kavtray.exe) from registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\Run on the server to raise server clients performance.
  • Disable scan of files accessed during backup operations in Kaspersky Anti-Virus trusted zone (check the box Do not monitor file activity of the specified processes on the tab Trusted processes).
    You should also exclude from scan the following files:
    • <systemroot>windows\system32\drivers\BNNS.sys
    • <systemroot>windows\system32\drivers\BNNF.sys
    • <systemroot>windows\system32\drivers\BNPort.sys
    • <systemroot>windows\system32\drivers\BNNS.sys
    • <systemroot>windows\system32\drivers\bnistack.sys

  • Add the process BNDevice.exe into the trusted list.

Citrix specialists recommend running a full testing cycle on a test bench before installing antivirus software on a real server.

For more information, please see Citrix Knowledge Base.

 
 
 
 
Was this information helpful?
Yes No
Thank you
 

 
 

How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.

OK