Antivirus Settings for MyWorkDrive

This article details MyWorkDrive Server and Client Antivirus settings for versions 5.2 and above. When you run Windows antivirus programs on MyWorkDrive, you can help enhance the security of your organization. However, if they aren’t configured correctly, Windows antivirus programs can cause problems in MyWorkDrive server and clients. MyWorkDrive support has attempted to detail basic exclusion requirements however each Antivirus vendor operates differently and may require additional exclusions and settings to ensure 100% functionality.

Server Antivirus Exclusions

Folder Exclusions

 

C:\wanpath\*.*

C:\Program Files (x86)\Wanpath\*.*

C:\ProgramData\WANPATH\*.*

Process exclusions

 

Many antivirus programs support the scanning of processes, which can adversely affect MyWorkDrive if the incorrect processes are scanned. Therefore, you should exclude the following MyWorkDrive or related processes from process scanning.

“C:\Program Files (x86)\Wanpath\MyWorkDrive\ActiveDirectoryService\MyWorkDrive.ActiveDirectoryService.exe”

“C:\Program Files (x86)\Wanpath\MyWorkDrive\Service\MyWorkDrive.Service.exe”

“C:\Wanpath\WanPath.Utilities\Exe\cloudflared.exe”

w3wp (IIS Worker Processes)

This may be particuarly impactful in high volume enviornments. We have seen environments where there are a large number of files opened/closed/saved or file transfers where CPU utilization can be cut by 30% by removing scanning on these four services/processes. Assuming you have appropriate border and file system security, redundantly scanning MyWorkDrive processes is a bottleneck you may seek to avoid.

 

Local Web Application Firewall

 

In addition to corporate firewall settings if your antivirus product enables a local web application firewall add the following exclusions.

Allow any to localhost 127.0.0.1 for Administration Console management.

 

TCP/UDP Ports

If your antivirus application adjusts or limits TCP or UDP ports, we advise disabling that feature. MyWorkDrive makes real time calls via LDAP to the AD to authenticate users on login and again on file access/save, resulting on a high volume server in a large number of calls. If you are limiting tcp/udp ports this can result in the domain controller reporting unavailable and the operating system “timing out” AD calls for 15 minutes when ports are exhausted. When the OS times out those AD calls your MyWorkDrive server will report offline to users and deny logins/file access/save.

 

McAfee Antivirus Example Exclusions

 

As an example, for McAfee Endpoint Security add the following MyWorkDrive exclusions. In addition to these exclusions review firewall ports required for various MyWorkDrive services.

 

Threat Prevention

Exclude c:wanpath\*.*

Firewall

Add Local Host (127.0.0.1) and Local Subnets Exclusion

 

LAN Example: 10.0.0.0/24
LocalHost: 127.0.0.1

 

Web Control

Add exclusion for 127.0.0.1

Windows Client Antivirus Exclusions

For virus applications other than Windows Defender, we recommend setting exclusions in your security products on client machines running MyWorkDrive.

 

Strongly Recommended

(more commonly interfered with by AV)

C:\Users\%username%\AppData\Local\MyWorkDrive\*.* – user configuration data

C:\Program Files (x86)\Wanpath\MyWorkDrive-Client-Windows\*.* – the application

 

Other paths to consider

(less commonly an issue, but there have been cases of AV interfering with operations in these folders)

C:\ProgramData\Wanpath\*.* – log files

%temp%\CBFS* – file system driver temp files (the folder name is randomized on each login)

 

Network Scanning

For optimal performance, we’d also recommend you Exclude Network Drive Letter Scanning. Having all of the logged in users computers downloading files to scan them will generate unnecessary network load on the server, file system, internet connection and security devices.