Hi
We are looking at using Defender for AV and I have been told by the admins that it uses machine learning to exclude files etc and that is the recommended option. Is anyone using Defender and is the recommended best practice to actually exclude the Veeam files from the Defender settings?
I am aware of https://www.veeam.com/kb1999
Thanks
-
stewsie
- Veteran
- Posts: 297
- Liked: 25 times
- Joined: May 22, 2015 7:16 am
- Full Name: Paul
- Contact:
-
david.domask
- Veeam Software
- Posts: 2601
- Liked: 607 times
- Joined: Jun 28, 2016 12:12 pm
- Contact:
Re: Microsoft Defender AV exclusions
Hi stewsie,
While hopefully others will share their opinions, did your admin colleagues object specifically to setting the exclusions manually or just wanted to point out that it _can_ be handled automatically?
From experience troubleshooting quite a few cases where AV was the culprit, if you can manually set exclusions, typically it's best. I think a lot of the caution around blindly setting exclusions is lack of curation, i.e., you set an exclusion, turns out later you don't need it, now there is a place on the machine not being scanned, but I'm just guessing of course.
I'm not sure there's really a big difference in setting manually vs automatic except that with manually you know what you set, and with automatic you have less cruft to worry about, but perhaps your colleagues had different objections.
KB1999 has been pretty reliable for most cases, so I would just go with that.
While hopefully others will share their opinions, did your admin colleagues object specifically to setting the exclusions manually or just wanted to point out that it _can_ be handled automatically?
From experience troubleshooting quite a few cases where AV was the culprit, if you can manually set exclusions, typically it's best. I think a lot of the caution around blindly setting exclusions is lack of curation, i.e., you set an exclusion, turns out later you don't need it, now there is a place on the machine not being scanned, but I'm just guessing of course.
I'm not sure there's really a big difference in setting manually vs automatic except that with manually you know what you set, and with automatic you have less cruft to worry about, but perhaps your colleagues had different objections.
KB1999 has been pretty reliable for most cases, so I would just go with that.
David Domask | Product Management: Principal Analyst
-
stewsie
- Veteran
- Posts: 297
- Liked: 25 times
- Joined: May 22, 2015 7:16 am
- Full Name: Paul
- Contact:
Re: Microsoft Defender AV exclusions
"While hopefully others will share their opinions, did your admin colleagues object specifically to setting the exclusions manually or just wanted to point out that it _can_ be handled automatically?"
The admins pointed out that supposedly Microsoft advise/recommend letting Defender sort exclusions but I suspect they just mention their applications like SQL etc. I have forward the info on to the Defender admins and hopefully they will set exclusions when we are ready.
Thanks for the info
The admins pointed out that supposedly Microsoft advise/recommend letting Defender sort exclusions but I suspect they just mention their applications like SQL etc. I have forward the info on to the Defender admins and hopefully they will set exclusions when we are ready.
Thanks for the info