Completed (Minor Issue)

Sophos Central Server: Automatic Exclusions for SQL 2019

Team,

As per Microsoft, below SQL processes are supposed to be excluded. However, from Sophos automatic exclusions we do not see these processes getting excluded under the category of "Process Exclusion". Could you please review the behavior of automatic exclusion for SQL 2019 and fix if this is a gap. Below exclusions are from the MS article - https://support.microsoft.com/en-us/topic/how-to-choose-antivirus-software-to-run-on-computers-that-are-running-sql-server-feda079b-3e24-186b-945a-3051f6f3a95b 

Processes to exclude from virus scanning

  • %ProgramFiles%\Microsoft SQL Server\<Instance_ID>.<Instance Name>\MSSQL\Binn\SQLServr.exe

  • %ProgramFiles%\Microsoft SQL Server\<Instance_ID>.<Instance Name>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe

  • %ProgramFiles%\Microsoft SQL Server\<Instance_ID>.<Instance Name>\OLAP\Bin\MSMDSrv.exe

Parents
  • Hi there Prabhu,

    Sophos Central's automatic exclusions only cover those areas where we may have a performance impact based on our development testing.
    The processes that are listed on the MS document will be allowed due to their known good reputation. Our machine learning checks the code similarity,  file/path, and attributes of these.
    If additional exclusions are recommended by a third-party vendor, you may add them manually via policy or global exclusions.

Comment
  • Hi there Prabhu,

    Sophos Central's automatic exclusions only cover those areas where we may have a performance impact based on our development testing.
    The processes that are listed on the MS document will be allowed due to their known good reputation. Our machine learning checks the code similarity,  file/path, and attributes of these.
    If additional exclusions are recommended by a third-party vendor, you may add them manually via policy or global exclusions.

Children
No Data