Sophos exclusions for Microsoft Endpoint Configuration Manager?

Question

Is there anything special that needs to be done for Configuration Manager to work with Intercept-X? Some (not all and it changes A LOT) computers aren't seeing deployments in Software Center. Some computers will see 5 one day then all the next. Some will see them all one day and then see 5 less the next. It isn't consistent and Microsoft hasn't been any help. I would remove Sophos and test but I can't get it to consistently fail. I have %WINDIR%\CCM and %WINDIR%\CCMCACHE in Global Exclusions (Sophos Central - Global Settings - Global Exclusions) for Real-time and scheduled. Is there anything else that needs to be done? Does anyone have any suggestions that I might try?

This thread was automatically locked due to age.

Qoosh · Answer

Hi Kevin, 
 Thanks for reaching out to the Sophos Community Forum. 
 If you haven't already, I suggest checking out the following recommended exclusions article from Microsoft. - Recommended antivirus exclusions for Configuration Manager site servers, site systems, and clients 
 From the way you listed the exclusions, it looks like you may need a trailing backslash at the end of the paths so that the exclusions are treated as "Folders" instead of "File" exclusions. 
 Kevin Everts1 said: %WINDIR%\CCM and %WINDIR%\CCMCACHE in Global Exclusions 
 If the exclusions have already been added where necessary, the best way to isolate if Sophos is playing a part in the issues you're experiencing would be to try removing it from one or two test systems to see if the results change. 
 If you continue to see intermittent issues without Sophos installed, this may indicate that the issue resides elsewhere.