Overview of antivirus best practices with x360Sync
x360Sync requires the following steps to ensure proper registration, connectivity, and syncing:
- Define scan exclusions
- Configure Webroot anitvirus by disabling two settings
You can also find this information in the video Antivirus Best Practices.
Important: Is your local Thin Client cache filling up?
Such cases are normally attributed to your local antivirus doing background scans in the Thin Client folder. To check files, the antivirus is trying to read this folder, and so it is initiating the download of these files from the cloud on to the local machine (where they are getting cached, consuming the disk space.)
We do have cache control planned for future implementation.
Immediate solution: The fastest and easiest way to prevent your Thin Client cache from filling up is to add the SyncedTool virtual folder into the AV software exclusions, so that it won't try to scan it. Doing this won't compromise the machine's safety because real files are opened from the cache location (which is not directly related to the SyncedTool virtual folder and won't be excluded from such scans.)
STEP 1. Define scan exclusions
For Windows:
Note: The best method of exception is by signer certificate identity or signer name. For Windows, the named signer is eFolder, Inc. If you have questions about defining this exclusion, please contact your security vendor for assistance in adding these exceptions.
The following Windows folder paths and processes must be accept-listed (or excluded from scanning) to ensure proper functioning of the x360Sync agent:
Paths
C:\Program Files (x86)\Synced Tool (or branded name)
C:\Program Files (x86)\Synced Tool VFS (or branded name VFS)
Processes
C:\Program Files (x86)\Synced Tool (or branded name)\bin\agent_gui.exe
C:\Program Files (x86)\Synced Tool (or branded name)\bin\agent_service.exe
C:\Program Files (x86)\Synced Tool VFS (or branded name VFS)\bin\agent_gui.exe
C:\Program Files (x86)\Synced Tool VFS (or branded name VFS)\bin\agent_service_VFS.exe
For Mac systems:
Note: The best method of exception is by signer certificate identity or signer name. For MacOS, the named signer is AnchorBox, LLC. If you have questions about defining this exclusion, please contact your security vendor for assistance in adding these exceptions.
The following Mac folder paths and processes must be accept-listed (or excluded from scanning) to ensure proper functioning of the x360Sync agent:
Paths/Processes
/private/etc/anchor/agent_service
/Applications/syncedtool.app
NOTE: Make sure to rename your app (x360sync.app) as needed, according to your branding.
STEP 2. Configure Webroot antivirus: Two settings must be disabled
Webroot requires two additional steps to ensure that the x360Sync agent works properly.
- In Webroot, the Identity Shield must be disabled.
- In Webroot, the Check files for threats when written or modified setting must be turned off.
Important notes
Note 1: You must disable these two settings in Webroot:
- identity shield
- option to check files when written or modified
Simply excluding the program path doesn't do anything except allow the program services to run. Excluding the program path does not affect traffic to or from the synced folder.
Note 2: We recommend that you contact the antivirus vendor for guidance prior to making any AV setting modifications.
If your settings aren't applied correctly, you may have to spend time and effort later to confirm that Webroot is not the cause of potential issues. This confirmation can only be done by uninstalling from the machine and rebooting. Disabling Webroot is not an accurate way to rule Webroot out as a culprit in future issues. In most cases, Webroot continues to create threads while it is disabled, so it could still interfere with x360Sync functionality. The only way we can know for certain that potential issues are related to the x360Sync agent itself (and not the antivirus) is through uninstalling and rebooting.
How to disable the two Webroot settings:
- Disable settings from the Webroot management console
- Disable settings from the local machine
A. Disable settings from the Webroot management console: A1. Navigate to the Policies tab in the left side bar. A2. Click on Recommended Defaults.
A3. Open the Identity Shield section. A4. Locate the Identity Shield Enabled option. A5. Disable this option by changing the toggle setting to Off.
A6. Navigate to the Realtime Shield section and open it. A7. Locate the Scan files when written or modified option. A8. Disable this option by changing the toggle setting to Off. |
B. Disable settings from the local machine B1. First, ensure that you have allow-listed the desktop client installation directory. Typically, this is C:\Program Files (x86)\<branded desktop client name>): [Refer to Webroot's Creating Whitelist Overrides in the Endpoint console available at https://community.webroot.com/webroot-business-endpoint-protection-20/creating-whitelist-overrides-in-the-endpoint-console-214422] |
B2. Next, disable the Identity Shield setting: [Refer to Webroot's Disabling Identity Shield instructions available at https://docs.webroot.com/us/en/home/wsa_identityshield_userguide/wsa_identityshield_userguide.htm#ManagingIdentityProtection/DisablingIdentityShield.htm?Highlight=Disabling%20Identity%20Shield] |
B3. Finally, disable the Check files for threats when written or modified setting.: [Refer to Webroot's Changing Shield Settings instructions available at https://docs.webroot.com/us/en/home/wsa_pc_userguide/Content/ShieldingYourPC/ChangingShieldSettings.htm] |
REMINDERS
- Merely excluding the program path does not affect traffic to or from the x360Sync synced folder.
- You must make the changes to these two settings in Webroot (disabling identity shield and disabling "Check files when written or modified")
- Ensure you understand the antivirus vendor requirements prior to changing any settings.
- If antivirus settings aren't applied correctly, you will need to confirm that Webroot is not the cause of potential issues by uninstalling from the machine and rebooting.
- Disabling Webroot is not an accurate way to rule Webroot out as a culprit in pontential issues.
SUPPORT | 720-204-4500 | 800-352-0248
- Contact Axcient Support at https://partner.axcient.com/login or call 800-352-0248
- Free certification courses are available in the Axcient x360Portal under Training
- To learn more about Axcient products, sign up for a free one-on-one training
- Subscribe to the Axcient Status page for updates and scheduled maintenance
1314 | 1469 | 1930