How can we help you today?
Antivirus Settings for MyWorkDrive
This article details MyWorkDrive Server and Client Antivirus settings for versions 5.2 and above. When you run Windows antivirus programs on MyWorkDrive, you can help enhance the security of your organization. However, if they aren’t configured correctly, Windows antivirus programs can cause problems in MyWorkDrive server and clients. MyWorkDrive support has attempted to detail basic exclusion requirements however each Antivirus vendor operates differently and may require additional exclusions and settings to ensure 100% functionality.
Contents
Server Antivirus Exclusions
Folder Exclusions
C:\wanpath\*.*
C:\Program Files (x86)\Wanpath\*.*
C:\ProgramData\WANPATH\*.*
Process exclusions
Many antivirus programs support the scanning of processes, which can adversely affect MyWorkDrive if the incorrect processes are scanned. Therefore, you should exclude the following MyWorkDrive or related processes from process scanning.
“C:\Program Files (x86)\Wanpath\MyWorkDrive\ActiveDirectoryService\MyWorkDrive.ActiveDirectoryService.exe”
“C:\Program Files (x86)\Wanpath\MyWorkDrive\Service\MyWorkDrive.Service.exe”
“C:\Wanpath\WanPath.Utilities\Exe\cloudflared.exe”
w3wp (IIS Worker Processes)
This may be particuarly impactful in high volume enviornments. We have seen environments where there are a large number of files opened/closed/saved or file transfers where CPU utilization can be cut by 30% by removing scanning on these four services/processes. Assuming you have appropriate border and file system security, redundantly scanning MyWorkDrive processes is a bottleneck you may seek to avoid.
Local Web Application Firewall
In addition to corporate firewall settings if your antivirus product enables a local web application firewall add the following exclusions.
Allow any to localhost 127.0.0.1 for Administration Console management.
TCP/UDP Ports
If your antivirus application adjusts or limits TCP or UDP ports, we advise disabling that feature. MyWorkDrive makes real time calls via LDAP to the AD to authenticate users on login and again on file access/save, resulting on a high volume server in a large number of calls. If you are limiting tcp/udp ports this can result in the domain controller reporting unavailable and the operating system “timing out” AD calls for 15 minutes when ports are exhausted. When the OS times out those AD calls your MyWorkDrive server will report offline to users and deny logins/file access/save.
McAfee Antivirus Example Exclusions
As an example, for McAfee Endpoint Security add the following MyWorkDrive exclusions. In addition to these exclusions review firewall ports required for various MyWorkDrive services.
Threat Prevention
Exclude c:wanpath\*.*
Firewall
Add Local Host (127.0.0.1) and Local Subnets Exclusion
LAN Example: 10.0.0.0/24
LocalHost: 127.0.0.1
Web Control
Add exclusion for 127.0.0.1
Clustering
It is imperative that, when running in Cluster mode with shared configuration files stored on an SMB path, that AV and Security Products are configured with path, folder or type exclusions to ensure they are not operating on the files or scanning the path as a network share.
Antivirus will alter and place locks on files in ways that can cause file contention and result in corruption or incomplete information being replicated to secondary servers.
Please be sure to disable network scanning for all installed instances of your endpoint security and include the path, file types and computer accounts for your MyWorkDrive servers in your exclusions.
Windows Client Antivirus Exclusions
For virus applications other than Windows Defender, we recommend setting exclusions in your security products on client machines running MyWorkDrive.
C:\Users\%username%\AppData\Local\MyWorkDrive\*.* – user configuration data. Users need to be able to read and write from this path, including subfolders.
C:\Program Files (x86)\Wanpath\MyWorkDrive-Client-Windows\*.* – the application. Users need to be able to read from this path, including subfolders.
C:\ProgramData\Wanpath\*.* – log files – users need to be able to write to this path.
%temp%\CBFS* – file system driver temp files (the folder name is randomized on each login) – users need to be able to read/write/modify files and folders in this path.
C:\Users\%username%\AppData\Roaming\WanPath\ MountingPointsInfo.json – users need to be able to read/write/delete this file – file is created on login and deleted on logout.
Failure to set client exclusions may result in:
- Errors on application launch including client hanging, client failing to login or unusual warning messages.
- Inability to open files
- Saving resulting in corrupt files
- Files being locked or warning about being locked inappropriatley
Network Scanning
For optimal performance, we’d also recommend you Exclude Network Drive Letter Scanning. Having all of the logged in users computers downloading files to scan them will generate unnecessary network load on the server, file system, internet connection and security devices.
