Getting Started > Security enhancements and exceptions > Antivirus directory exclusions

Antivirus exclusions and service accounts

To run SolarWinds products you may need to exclude certain directories and ports from your antivirus software and add service accounts. You can also review antivirus exclusions for all Orion products in this article.

Directories

Ensure that SAM has access to all required files by excluding the following directories from antivirus protection.

  • Do not exclude executable files.
  • SolarWinds assumes that C:\ is the default install volume.

Orion server

  • C:\Inetpub\SolarWinds\
  • C:\ProgramData\SolarWinds\
  • C:\Program Files (x86)\Common Files\SolarWinds\
  • C:\Program Files (x86)\Microsoft SQL Server\
  • C:\Program Files (x86)\SolarWinds\
  • C:\Windows\Temp\SolarWinds\
  • C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files
  • C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
  • C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files

If you are using NetFlow Traffic Analyzer, also exclude also the NTA Flow Storage Database directory and the appropriate backup directory from the antivirus protection.

SQL Server

  • C:\Program Files\Microsoft SQL Server\
  • C:\Program Files (x86)\Microsoft SQL Server\

Ports

  • 80/TCP - IIS web
  • 161/UDP - SNMP
  • 162/UDP - SNMP
  • 1433/TCP - MS SQL
  • 1434/TCP - MS SQL
  • 17777/TCP- SolarWinds Information Service

Service Accounts

The following are LOCAL accounts and not domain. Verify that the Location is changed to ServerName (not your domain) in the AD box.

  • NETWORK SERVICE
  • IUSR
  • Authenticated Users