Using Symantec Endpoint Antivirus Protection with XenData Archive Series Software, Version 5.0x

Updated Sept. 22, 2009

Overview
When installing antivirus (AV) protection on a XenData archive, it is important to choose an AV solution that has been certified. XenData Archive Series software and AV software use file system filtering techniques and there may be undesirable interactions if you use an AV product that has not been certified.

The Antivirus and Antispyware module of Symantec Endpoint Protection version 11.0 has been certified for use with XenData Archive Series software, version 5.0x.

This technical note describes how to configure Endpoint Protection and the XenData archive to provide effective antivirus protection.

Configuring Endpoint Protection
When the “Enable File System Auto-protect” option is enabled, Endpoint provides continuous monitoring of all files that are archived and restored. This option is supported and recommended, but you will want to use the "Centralized Exceptions" option to exclude the XenData Archive Drive letter as shown below:

In this example, the XenData Archive is located on drive X:; thus we have excluded the X:\ drive from within the Centralized Exceptions menu. The full procedure may be found in the section below.

Symantec Endpoint Protection is usually configured to automatically scan the entire computer for threats on a regular basis. If Endpoint Protection scans the logical drive letter managed by XenData software (X: within the example above), it will read all files on the archive causing a restore for each file that is held near-line. This is usually undesirable as it will greatly reduce the archive performance. To ensure system security without unnecessary performance impact, create a New Scan and select "Custom Scan":

Click "Next" and check all of the local drives you wish to scan, excluding the XenData Archive Drive (X:).

Please note that even though the archived files are not included in scans, Symantec Endpoint Protection with the Auto-protect option enabled provides continuous monitoring and protection for all files that are written to the archive and restored from it.

Detailed Instructions for creating a Centralized Exception within Symantec Endpoint Protection Manager

1. Click on the "Options" button to the right of the Antivirus and Antispyware Protection and select "Change Settings…"

2. From the Antivirus and Antispyware Protections Settings General Tab, select the "File System Auto-Protect" Tab.

3. From the File System Auto-Protect tab, click on "Centralized Exceptions".

4. Select "Add", "Security Risk Exceptions", then "Folder".

5. Input the XenData Archive Drive letter "X:\" and click "Add".

6. Click on "Close". Symantec Endpoint Protection will now ignore the XenData Archive Drive and prevent substantial unnecessary data I/O from the XenData tape archive.

Applicable Operating Systems

• Windows Server 2003
• Windows Server 2008 R2

Applicable XenData Software
This technical note is applicable to:

• Version 5 – Server Editions of Archive Series software