logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

App Control: Anti-Virus Exclusions for Agent (Linux)

App Control: Anti-Virus Exclusions for Agent (Linux)

Environment

  • App Control Agent: All Supported Versions
  • Linux OS: All Supported Versions

Question

What are the recommended agent anti-virus exclusions for Linux?

Answer

Path/LocationInformation
/opt/bit9/bin/Agent Application and Uninstall script
/srv/bit9/data/Agent Database and Diagnostic Logs
/lib/modules/kernelversion/kernel/lib/b9k*.koAgent Kernel Driver
/lib/modules/kernelversion/kernel/lib/cbproxy_cbp_*.koAgent Proxy Module
/etc/rc*/*b9daemon and /etc/init.d/b9daemonAgent Startup Script
/etc/X11/xinit/xinitrc.d/90b9notifier.shAgent Block Notifier

Additional Notes

  • Some vendors require trailing asterisks (*) when entering exclusions. Sub-folders should be included in the exclusions. Please refer to the vendors documentation.
  • The agent is considered a "Real Time" scanner. It also has a self-protection mechanism to mitigate tampering with the agents services or files. It is important to set these exclusions up as interference from other security products can cause inter-operability and performance issues.

Related Content


Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
CB_Support
Creation Date:
‎09-04-2020
Views:
3953
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.