Disable real-time protection to avoid server conflicts

Document created by bgoddard Employee on Jun 14, 2019Last modified by bgoddard Employee on Oct 11, 2019
Version 5Show Document
  • View in full screen mode

Servers may encounter performance or network related issues when using a policy with real-time protection features enabled. As an example, DNS/DHCP/DC servers may be unable to resolve hostnames when Web Protection is enabled. This article explains how to disable real-time protection features during installation to avoid these server issues.

 

There are two ways to resolve this:

  • Disable conflicting features in the default policy, or
  • Use the command line to deploy agents into a new group and policy.

 

Option 1: Disable conflicting features in the default policy

Important: By disabling real-time protection features in your default policy, you are turning them off for all endpoints that use the default policy.

 

  1. In the Malwarebytes cloud console, navigate to Settings > Policies > Default Policy.

  2. In the policy Windows > Settings > Real-Time Protection section, disable any real-time protection settings that you do not wish to use on your server(s).
     

  3. Click Save.

  4. Install the server endpoint using the updated default policy. For details on installing an endpoint, see the Malwarebytes Cloud Console Administrator Guide.

  5. The endpoint might require a reboot after installation in order for the changes to take effect.

 

Option 2: Use the command line to install into a new group and policy

By specifying a group on the command line, the group's policy is applied as soon as installation is complete. We'll create a new group and new policy in order to accomplish this.

 

Add a new policy

  1. In the Malwarebytes cloud console, select SettingsPolicies > New.

  2. Name the policy.

  3. Check all the settings needed for your server(s) using this policy.

  4. In the policy Windows > Settings > Real-Time Protection section, disable any real-time protection settings that you do not wish to use on your server(s).


  5. Click Save.

 

Add a new group

  1. Select Settings > Groups > New.

  2. Enter a name for the group. Under Policy Name, choose the new policy you created.

  3. Click Save.


  4. Download the latest installer from the console. Navigate to Endpoints > Add Endpoints > Managed Endpoint Installers.

  5. Locate the new group ID in the cloud console:
    1. Navigate to Add Endpoints > Managed Endpoint Installers.
    2. Click the box labeled How to Automatically Specify Group Assignment. A list of Group IDs is displayed.

  6. Copy the Group ID that you want to assign the server to.

  7. Open a Windows command prompt, and enter the following command, substituting the downloaded .exe for the example:
Setup.MBEndpointAgent.Full.exe GROUP="<Group ID>"

 

Important

  • Double-check the Group ID before installing. If you specify a group name that does not exist, the endpoint will be assigned to the default group instead.
  • The Windows setup filename may differ from the example, depending on the installer type.

 

See also

Attachments

    Outcomes