Real-Time Security Capable allow-listing and AV Considerations

ALERT LEGACY ARTICLE: The content in this article is no longer updated and is available for reference purposes only. Features and workflows described may be deprecated, significantly changed, or no longer supported.

Environment

Datto EDR

Description

Antivirus Exclusions

There are several binaries that should be allowed for execution by other security tool on targeted endpoints. You can do so by hash (found on the Download page within the Admin Panel) or by file and path.

With the release of the Real-time security features in Datto EDR the allow-listed files have changed.

The following paths and files will be used by Datto EDR during installation and production:

Windows

C:\windows\temp\survey.exe
C:\windows\temp\infocyte.vbs
C:\windows\temp\infocyte.exe
C:\Program Files\Datto EDR\Agent\agent.exe

Linux

/tmp/survey.bin
/tmp/infocyte.exe
/opt/infocyte/agent/agent.exe

Agent allow-listing

While rare, some AV engines may require the Agent Application folder to be allow-listed in Agent-based deployments of Datto EDR. You can allow-list the following directories or use the hashes found under the download section to specify the specific files.

Windows: C:\program files\infocyte\agent
Linux:Â Â /opt/infocyte/

Allow-listing by Hash

You can allow-list in your AV by hash as well assuming it supports this. Our hashes can always be found in the /admin/downloads page of your Datto EDR console.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.