[THIN] Re: mcafee host intrusion prevention and terminal server

  • From: "alan tropper" <alan.tropper@xxxxxxxxxxxxx>
  • To: "thin@xxxxxxxxxxxxx" <thin@xxxxxxxxxxxxx>
  • Date: Thu, 26 Feb 2009 10:56:27 +0900

Hi,

Try excluding the following for better performance:

- Scan local drives only. DO NOT scan network drives.
- Only scan "Incoming" files (i.e. write events).
- Exclude the pagefile(s) from being scanned.
- The "%ProgramFiles%\Citrix" folder contains many configuration and log files
  that are always changing, especially the Local Host Cache (imalhc.mdb) and
  Resource Manager Local Database (RMLocalDatabase.mdb). You could exclude the
  whole folder. More specifically, the main ones are:
  - "%ProgramFiles%\Citrix\Citrix Resource Manager\LocalDB"
  - "%ProgramFiles%\Citrix\Citrix Resource Manager\SummaryFiles"
  - "%ProgramFiles%\Citrix\Independent Management Architecture"
  - "%ProgramFiles%\Citrix\logs"
- Exclude the Print Spooler (%SystemRoot%\System32\spool\PRINTERS) folder. Note
  that in our deployments we typically place these folders on the non-System
  Drive.
- If you do not exclude the Profiles, then exclude the user's Presentation
  Server Client bitmap cache ("%UserProfile%\Application Data\ICAClient\Cache"
  or "%AppData%\ICAClient\Cache") used for ICA pass-through connections by the
  locally installed PNClassic and PNAgent.

Think I got this from the thinlist community in the past :) so thanks
everyone!!!

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Snyder
Sent: Thursday, 26 February 2009 10:44 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] mcafee host intrusion prevention and terminal server

anyone using it? like it? hate it? caveats? known issues? basically it got 
pushed to my farm last night while users were logged on and working and today 
I'm having some performance issues affecting some users. Thought I'd see if 
there's any good/bad history before I go ask the culprits "why'd you break my 
farm?!?"
