Antivirus exceptions for Qlik Sense McAfee, Symantec & Other Anti-Virus exclusions required
To eliminate the chance that AntiVirus, AntiMalware, and other security-related software cause corruption or lock up files in the Qlik environment, or cause issues during an installation/upgrade/patch, some folders should be excluded from live scanning.
Impact of Virus/EDR/ATP scans locking Qlik related files (such as .qvw files, binary Qlik Sense app files as well as NPrinting task files, etc...) can result in loading and refresh failures as well as performance issues.
Please note that usual anti-virus exclusions might not apply to the EDR and ATP setup, talk to the vendor to get the exclusions in place.
Qlik Sense requires access to predetermined TCP and UDP ports to function. If anti-virus software prevents traffic on these ports, Qlik Sense may not function as expected.
Qlik Sense constantly updates a number of log files and also relies on multiple config and binary files to function correctly. If these files and folders are being scanned by the anti-virus software, then this may cause upgrades/installation to fail, performance issues, inability to run exe files, data connections, or cause the services to fail. Important: if the "C Drive" is not the default drive for these folders then make the necessary drive letter changes.
Note: Qlik Support cannot provide support and services for any Qlik Servers in which performance issues, port issues, installation, patching, or upgrading problems occur if these directories are not made exempt for any and all Anti-Virus solution. It will be best-effort, as the exclusions of these directories is a prerequisite to Qlik software.
Qlik Sense Enterprise, all versions
This example is for Symantec. Perform the same changes using any other Antivirus and Anti-Malware product present in the environment. A different respective IT department may need to be involved in performing and confirming these changes.
In your bottom left corner click to expose your Symantec icon then double click to open it up.
Click Change Settings on the left. Then select Exceptions.
Choose Security Risk Exception\Folder
Browse to the directory where the install files are located. Check off Include sub folders.
Note: Steps 3 to 5 need to be repeated to add all Qlik related directories when locations are different than the default. If the "C Drive" is not the default drive for these folders then make the necessary drive letter changes.
%Program Files%\Common Files\Qlik
Any QVD files (or folder where you save your QVDs) you may use to read/write during your reloads.
Also the full share root folder location which includes theApp folderconfigured in theService Cluster. The app folder stores all app files. In latest releases of Qlik Sense, files with ".lock" extensions are generated, and each binary app file has its own .lock file. These file must be excluded from analysis as well.
Sophos Antivirus will require 127.0.0.1 * to be excluded
Make sure that the anti-virus is not blocking access to certificates stored in the following location and their private keys: Personal (Local Computer), Trusted Root Certification Authorities (Local Computer), Personal (Current User for the service account)