[THIN] Re: mcafee host intrusion prevention and terminal server

Generator Microsoft Word 11 (filtered medium) Hi,

Try excluding the following for better performance:

Scan local drives only. DO NOT scan network drives. Only scan " Incoming"  
files (ie. write events). Exclude the pagefile(s) from being scanned. The " 
%ProgramFiles%\Citrix"  folder contains many configuration and log files that 
are always changing, especially the Local Host Cache (imalhc.mdb) and Resource 
Manager Local Database (RMLocalDatabase.mdb). You could exclude the whole 
folder. More specifically, the main ones are: - " %ProgramFiles%\Citrix\Citrix 
Resource Manager\LocalDB" - " %ProgramFiles%\Citrix\Citrix Resource 
Manager\SummaryFiles" - " %ProgramFiles%\Citrix\Independent Management 
Architecture" - " %ProgramFiles%\Citrix\logs"  Exclude the Print Spooler 
(%SystemRoot%\System32\spool\PRINTERS) folder. Note that in our deployments we 
typically place these folders on the non-System Drive. If you do not exclude 
the Profiles, then exclude the user' s Presentation Server Client bitmap cache 
(" %UserProfile%\Application Data\ICAClient\Cache"  or " 
%AppData%\ICAClient\Cache" ) used for ICA pass-through connections by the 
locally installed PNClassic and PNAgent. 
Think I got it from this from the thinlist community in the past J. so thanks 
everyone!!!

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of 
Steve Snyder Sent: Thursday, 26 February 2009 10:44 AM To: thin@xxxxxxxxxxxxx 
Subject: [THIN] mcafee host intrusion prevention and terminal server

anyone using it? like it? hate it? caveats? known issues? basically it got 
pushed to my farm last night while users were logged on and working and today 
I'm having some performance issues affecting some users. Thought I'd see if 
there's any good/bad history before I go ask the culprits "why'd you break my 
farm?!?"

Other related posts: