Citrix XenApp / Edge Sight Anti Virus Recommendations

The following are suggestions from Aaron Silber to help ease the negative affect that standard Anti-virus settings can cause on Citrix servers. As these servers are not used in the normal sense of the word Server, the aggressiveness needs to be adjusted or performance will suffer.

Citrix XenApp settings

  • Change what gets scanned to scan inbound only. Typical settings are to scan on write, read access, etc.
  • Scan local drives only
  • Exclude the pagefile from being scanned.
  • Exclude .dat and .tmp files.
  • Exclude C:\Documents and Settings*.*
  • Disable the heuristics mode of scanning, this setting can be very intensive on the system
  • For Printing performance issues: Exclude the Spool folder, C:\Windows\System32\spool
  • Exclude the C:\Program FilesCitrix folder and all subfolders
  • Exclude smss.exe, winlogon.exe, userinit.exe, csrss.exe and wfshell.exe
  • For Symantec only: Disable “Tamper Protection”.

EdgeSight settings

You must NOT be running McAfee 8.0 with patch 10. If so, you MUST install patch 11 or later before installing the EdgeSight Agent.
Some paths are given in case they were not already excluded (from above)



  • C:\Program Files\Common Files\CitrixSystem MonitoringServerRSSH
  • C:\Program FilesCitrixSystem MonitoringServerEdgeSight 4.0scriptsrssh
  • C:\Program FilesCitrixSystem MonitoringServerEdgeSight 4.0Pages
  • C:\Program FilesMicrosoft SQL ServerMSSQLReporting Services
  • C:\Program FilesMicrosoft SQL ServerMSSQLData


Exclude the following from being scanned:


  • C:\Documents and SettingsAll UsersApplication DataCitrixSystem MonitoringData


  • C:\Program FilesCitrixSystem MonitoringAgentCorerscorsvc.exe
  • C:\Program FilesCitrixSystem MonitoringAgentCoreFirebirdbinfbserver.exe