Articles in this section

See more

Antivirus and Endpoint Protection Exclusions for LiveVault

Updated

Table of Contents


    Overview

    LiveVault is compatible with most antivirus (AV), endpoint protection, and security solutions. However, improper configuration of these tools can interfere with backup operations and system performance.

    Modern security software performs aggressive real-time scanning, behavioral monitoring, and network inspection. Without proper exclusions, this can lead to conflicts with LiveVault processes.

     

    Common Symptoms of Misconfiguration

    If exclusions are not properly configured, you may experience:

    • Failed or incomplete backups
    • Slow backup or restore performance
    • Excessive backup activity (unexpected data churn)
    • Failed updates or corrupted installations
    • High CPU, disk, or network utilization
    • Network connection interruptions
    • System instability or unresponsiveness

     

    Key Concepts

    Process-Aware vs System-Level Changes

    • Local antivirus scans:
      LiveVault can identify antivirus processes (“suspect processes”) and ignore their file changes to prevent unnecessary backups.
    • Remote antivirus scans:
      These are performed via file shares (e.g., scanning Machine A from Machine B). In this case:
      • The System process modifies file attributes
      • LiveVault cannot distinguish these changes from legitimate file modifications
      • This results in unnecessary backup activity and performance degradation

    ⚠️ Important: LiveVault cannot filter changes made by the System process.

     

    Unsupported Configuration

    Remote Virus Scanning

    Do not perform remote virus scans against a system protected by LiveVault.

    Example:

    • Scanning Machine A from Machine B over a network share

    Impact:

    • Triggers large amounts of unnecessary backup activity
    • Consumes CPU, disk, and network resources
    • Degrades both backup and system performance

     

    Required Antivirus & Security Exclusions

    The following exclusions must be configured in all security software and security appliances, including:

    • Antivirus / Anti-malware
    • Endpoint Detection & Response (EDR/XDR)
    • Host-based firewalls
    • Network security devices (UTM, IDS/IPS, DPI)

     

    1. Process-Level Exclusions

    Exclude the following executables from scanning and allow outbound communication:

    • LV_Engine.exe
    • LV_Super.exe
    • LVRegister.exe

     

    2. Directory-Level Exclusions

    Exclude the following directories and all contents from scanning:

    • LiveVaultData (or /<data_dir> on Linux)
      • Contains LiveVault databases and backup metadata
    • C:\Program Files\Autonomy
    • System Volume Information (on all drives)
      • The hidden system directory used by Windows

    ⚠️ Failure to exclude these directories can cause severe performance issues or system hangs.

     

    3. Backup Scope Considerations

    • Exclude antivirus temporary files and directories from backup jobs
    • Do not override exclusions for:
      • \snapshots directories

     

    Network & Security Appliance Considerations

    1. Network Inspection / AV Gateways

    Some firewalls and security appliances perform:

    • Deep packet inspection (DPI)
    • Inline antivirus scanning
    • SSL/TLS inspection

    These may interfere with LiveVault traffic.

    Recommendation:

    • Whitelist or bypass inspection for LiveVault traffic
    • Disable AV/DPI scanning for trusted backup connections

     

    2. IDS / IPS Systems

    Intrusion detection/prevention systems may incorrectly flag LiveVault traffic.

    Ensure the following ports are allowed and not inspected:

    • TCP 2144
    • TCP 2145

    Failure to configure this may result in:

    • Dropped connections
    • Interrupted backups
    • Session failures

     

    Additional Considerations

    • Some security tools require exclusions in:
      • Real-time scanning
      • Scheduled scans
      • Behavioral or heuristic engines
    • In highly restrictive environments:
      • Temporary disabling or uninstalling security software may be required for troubleshooting
    • Always validate:
      • Backup success after applying exclusions
      • System performance improvements

     

    Tested Antivirus Products

    LiveVault has been tested with the following antivirus solutions:

    • Computer Associates:
      • InoculateIT
      • InocuLAN
      • eTrust Antivirus
    • Symantec:
      • Norton AntiVirus
      • Norton AntiVirus Corporate Edition
    • Sophos:
      • Sophos Anti-Virus
      • Sophos MailMonitor for Exchange
    • Trend Micro:
      • ServerProtect
    • McAfee:
      • VirusScan
      • NetShield

    If your antivirus solution is not listed, it may still be compatible. Contact your security vendor or support team for configuration guidance.

     

    Support Guidance

    If you are unsure how to implement these exclusions:

    • Consult your antivirus or security vendor documentation
    • Engage your internal security/network team
    • Contact support for environment-specific guidance

     

    Disclaimer

    This document outlines commonly required configurations based on known interactions between LiveVault and security software. It is not exhaustive, and additional exclusions or tuning may be required depending on your environment.

    Related articles

    Powered by Zendesk