Applicable Version(s):All Problem Statement:To ensure Aspen InfoPlus.21 (IP.21) servers operate as expected alongside anti-virus/endpoint protection products this article should be adhered to. It has been known that anti-virus/endpoint protection products may falsely block Aspen InfoPlus.21 product files and cause the following on an Aspen IP.21 server:
performance to be impacted
start-up problems
Note: this article is written regardless of antivirus product or endpoint security protection vendor (Symantec, McAfee, FireEye, CrowdStrike etc…)
The following Solution states both the folders and specific AspenTech executable files that together must be excluded from anti-virus/endpoint protection scanning.
Solution:
Before configuring the various recommended exclusions, it is advisable to try to identity the extent of any interaction between the anti-virus software and AspenTech processes, see KB: How to confirm that anti-virus software might be interfering with AspenTech processes? Once you have made any of the changes listed below, you can perform the check again to confirm all is well.
.\Program Files (x86)\AspenTech\
.\Program Files (x86)\Common Files\AspenTech Shared\
.\Program Files\AspenTech\
.\Program Files\Common Files\AspenTech Shared\
C:\inetpub\wwwroot\AspenTech\
C:\ProgramData\AspenTech\
C:\Windows\System32\inetsrv\
C:\Windows\SysWOW64\inetsrv\
C:\Users\Public\PublicDocuments\AspenTech\
All history repository and archive folders
2) Files to be explicitly excluded:Place any executable processes related to AspenTech InfoPlus.21 server into the exclusion list. You must place the names of the actual executables into the exclusion list, it is considered not enough to just place the AspenTech InfoPlus.21 code folder into the exclusion list.The following list of executables are normally started by Aspen InfoPlus.21 server, however this list is not exhaustive. Your Aspen InfoPlus.21 server may also start other programs not in this list. The solution here is to check your Defined Tasks listed in InfoPlus.21 Manager for the executables used. Note: depending on your installation bitness (32 or 64), except for h21prime and h21archive, these executables are located in either:
.\Program Files\AspenTech\InfoPlus.21\db21\code
.\Program Files (x86)\AspenTech\InfoPlus.21\db21\code
Name of executable:
Used to start:
tsk_server.exe
InfoPlus.21 Task Service
dbclock.exe
TSK_DBCLOCK
h21prime.exe (.\Program Files (x86)\AspenTech\InfoPlus.21\c21\h21\bin\ OR .\Program Files\AspenTech\InfoPlus.21\c21\h21\bin\)
Initializes repositories
h21archive.exe (.\Program Files (x86)\AspenTech\InfoPlus.21\c21\h21\bin\ OR .\Program Files\AspenTech\InfoPlus.21\c21\h21\bin\)
Archiving program for each repository
plantap.exe
TSK_PLAN
savedb.exe
TSK_SAVE
h21task.exe
TSK_H21T
h21arcbackup.exe
TSK_HBAK
kpi_task.exe
TSK_KPI
hlth.exe
TSK_HLTH
ip21servicehost.exe
TSK_ACCESS_SVC
ip21OPCuaserverhost.exe
TSK_OPCUA_SVR
cimq.exe
TSK_CIMQ
infoplus21_api_server.exe
TSK_ORIG_SERVER, TSK_ADMIN_SERVER, TSK_APEX_SERVER, TSK_EXCEL_SERVER, TSK_DEFAULT_SERVER, TSK_BATCH21_SERVER
sqlplus_server.exe
TSK_SQL_SERVER
iqtask.exe
Query tasks (TSK_IQ1, TSK_IQ2, etc.)
sqlplusreportscheduler.exe
TSK_SQLR
tsk_clc1.exe
TSK_CLC1
bgcsnet.exe
TSK_BGCSNET
iq.exe
TSK_CHK_SCRATCH, TSK_ACTG_SYNC
actg.exe
TSK_ACTG
actg_snf.exe
TSK_SNFA, TSK_SNF2, TSK_SNF3, TSK_SNF4, TSK_SNF5
GoldenBatchProfiling.exe
TSK_GBP
cmon.exe
TSK_CMON
cmrpt.exe
TSK_CMRP
ceve.exe
TSK_CEVE
ip21_grpc_server.exe
TSK_GRPC_SERVER
sqlplus_server_grpc.exe
TSK_SQL_gRPC
cimio_c_client.exe
Cim-IO Main Client Tasks (TSK_M_device)
cimio_c_async.exe
Cim-IO Async Client Tasks (TSK_A_device)
cimio_c_unsol.exe
Cim-IO Unsolicited Client Tasks (TSK_U_device)
cimio_c_changeover.exe
TSK_DETECT
Finally, it would also be recommended to exclude the AspenTech executable responsible for network licensing located on servers running AspenTech SLM network:lservnt.exe(.\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel RMS License Manager\WinNT) Keywords:VirusAntivirusFirewallExceptionExclusionExcludeSecurityScanning