// This is the script to give summary on the main page.
Think IPM

Friday, June 6, 2008

Citrix XenApp / Edge Sight Anti Virus Recommendations

The following are suggestions from Aaron Silber to help ease the negative affect that standard Anti-virus settings can cause on Citrix servers. As these servers are not used in the normal sense of the word Server, the aggressiveness needs to be adjusted or performance will suffer.

Citrix XenApp settings

  • Change what gets scanned to scan inbound only. Typical settings are to scan on write, read access, etc.
  • Scan local drives only
  • Exclude the pagefile from being scanned.
  • Exclude .dat and .tmp files.
  • Exclude C:\Documents and Settings\*.*
  • Disable the heuristics mode of scanning, this setting can be very intensive on the system
  • For Printing performance issues: Exclude the Spool folder, C:\WINDOWS\system32\spool
  • Exclude the C:\Program Files\Citrix folder and all subfolders
  • Exclude smss.exe, winlogon.exe, userinit.exe, csrss.exe and wfshell.exe
  • For Symantec only: Disable "Tamper Protection".

EdgeSight settings

You must NOT be running McAfee 8.0 with patch 10. If so, you MUST install patch 11 or later before installing the EdgeSight Agent.
Some paths are given in case they were not already excluded (from above)



  • C:\Program Files\Common Files\Citrix\System Monitoring\Server\RSSH
  • C:\Program Files\Citrix\System Monitoring\Server\EdgeSight 4.0\scripts\rssh
  • C:\Program Files\Citrix\System Monitoring\Server\EdgeSight 4.0\Pages
  • C:\Program Files\Microsoft SQL Server\MSSQL\Reporting Services
  • C:\Program Files\Microsoft SQL Server\MSSQL\Data


Exclude the following from being scanned:


  • C:\Documents and Settings\All Users\Application Data\Citrix\System Monitoring\Data


  • C:\Program Files\Citrix\System Monitoring\Agent\Core\rscorsvc.exe
  • C:\Program Files\Citrix\System Monitoring\Agent\Core\Firebird\bin\fbserver.exe
blog comments powered by Disqus Blog Widget by LinkWithin