abanister 0 Posted February 12, 2021 Share Posted February 12, 2021 Context: We have a managed client for whom we've deployed ESET as their virus protection. This client is also partially managed by a 3rd party vendor who supports one of their LOB applications. That 3rd party vendor requires Cisco AMP to be installed on endpoints that they manage. The problem that this creates is, now we have 2 different AV products conflicting with each other. What has already been done: On our end, we have made exclusions for Cisco AMP, meaning ESET ignores Cisco AMP. What I need to know is: What exclusions need to be made on Cisco AMP's side, so that it ignores ESET? We essentially want both AV products to be unaware that the other even exists. Thank you in advance! 😄 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,718 Posted February 13, 2021 Administrators Share Posted February 13, 2021 The rule of thumb is not to have 2 antivirus running at a time. You cannot solve this by exclusions, only by disabling crucial protection features, such as real-time protection and HIPS and keep either AV as a 2nd opinion on-demand scanner. Link to comment Share on other sites More sharing options...
ESET Moderators Aryeh Goretsky 353 Posted February 16, 2021 ESET Moderators Share Posted February 16, 2021 Hello, Just to add to my colleague @Marcos' advice, you could try excluding the following directories %ProgramData%\ESET\ %ProgramFiles%\ESET\ %ProgramFiles(x86)%\ESET\ However, there is no guarantee that this will prevent any conflicts from occurring. As a result of running multiple anti-malware programs at once, systems may experience performance issues, including but not limited to periodic freezes, lockups, crashes and other anomalous behavior that will be difficult to troubleshoot because the software is being used in an unsupported fashion. I do understand that you are in a bit of a situation here because the client chose a managed third-party vendor for one of its LOB applications who has particular requirements, but I did want to make you aware of the pitfalls the client may be facing. Please keep in mind that any workarounds which are implemented for the client are going to require careful monitoring by all parties to minimize any problems due to this. Regards, Aryeh Goretsky Link to comment Share on other sites More sharing options...
Administrators Marcos 4,718 Posted February 16, 2021 Administrators Share Posted February 16, 2021 I'd add that the above exclusions have no effect on how files are scanned outside the excluded folder. As I wrote, exclusions cannot prevent conflicts between various real-time protection modules which is also why Windows Defender RTP deactivates when a 3rd party AV is installed and vice-versa. Link to comment Share on other sites More sharing options...
Recommended Posts