System Center 2012 Configuration Manager Antivirus Exclusions

First published on TECHNET on Nov 29, 2012

Authored by Clifton Hughes

I have seen this question asked and answered in some articles and blog posts, however, after teaching the Concepts and Admin Workshop for the new version of the product recently, and getting more familiar with the new Endpoint Protection feature in System Center 2012 Configuration Manager, and I discoverd a feature in Endpoint Protection that lets you see what the default exclusions should be for System Center 2012 Configuration Manager (as well as many other server types). The trick is to import the Policy Template which I will walk you through here:

From the System Center 2012 Configuration Manager Console, click on the Assets and Compliance Workspace:

Next under Endpoint Protection in the navigation pane, Right Click on Policies, and select Import:

From the list of templates to import, select “SCEP 12_Default_CfgMgr2012.xml”, then Click Open:

This will import the template named “Endpoint Protection Configuration Manager 2012”:

Next, click on the Exclusion settings, and then click the Set button next to the Excluded file and folders settings:

This will bring up the recommended files and folders to exclude from scanning for System Center 2012 Configuration Manager:

You will need to expand the column and scroll to see it all, however, there is the list of exclusions needed. There are many other templates to import from there as well, and if you need multiple to apply to the same group of systems, you can import the ones you need, and then multi select them and right click and select Merge. This will allow you to combine multiple Antimalware Policies together for more efficient management of the policies.

I hope you found this useful.

Cliff Hughes
Microsoft Premier Field Engineer


This article was originally published by Microsoft's Core Infrastructure and Security Blog. You can find the original article here.