To maintain the proper functioning of Safetica Client, you may need to whitelist certain files, folders, and URLs in your antivirus software.
To ensure full compatibility and avoid possible conflict, we highly recommend keeping your system and antivirus software up to date and manually setting exceptions for the Safetica folders, processes, and URLs mentioned below.
In this article, you will learn more about:
- Exceptions for Safetica services
- Exceptions for files and folders
- Exceptions for URLs
-
Exceptions we recommend adding to Sentinel ONE when MS Teams does not launch correctly
- What to do when setting exceptions does not help
Here you can find how to set the exceptions mentioned in this article in selected antivirus software:
Exceptions for Safetica services
If you are getting suspicious operations alerts from your antivirus regarding Safetica services such as STCservice.exe, STContentservice.exe, STEventservice.exe, or STAservice.exe, you can set them as allowed.
Exceptions for files and folders
Set these exceptions in your antivirus software for Safetica server:
| General format | Windows format |
|
%programdata%\OneConsole |
C:\ProgramData\OneConsole |
|
%programdata%\Safetica Management Service |
C:\ProgramData\Safetica Management Service |
|
%programdata%\STEventService\ |
C:\ProgramData\STEventService\ |
|
%programfiles%\Safetica Management Console |
C:\Program Files\Safetica Management Console |
|
%programfiles%\Safetica Management Service |
C:\Program Files\Safetica Management Service |
|
%programfiles%\Safetica Server |
C:\Program Files\Safetica Server |
Set these exceptions in your antivirus software for Safetica Client:
| General format | Windows format |
|
%programfiles%\Safetica\ |
C:\Program Files\Safetica\ |
|
%programdata%\Safetica Client Service\ |
C:\ProgramData\Safetica Client Service\ |
|
%programdata%\STEventService\ |
C:\ProgramData\STEventService\ |
|
%programdata%\Installer\ |
C:\ProgramData\Installer\ |
|
%systemroot%\Temp\install_update.bat |
C:\Windows\Temp\install_update.bat |
|
%systemroot%\Temp\vcredist_x64.exe |
C:\Windows\Temp\vcredist_x64.exe |
|
%systemroot%\Temp\vcredist_x86.exe |
C:\Windows\Temp\vcredist_x86.exe |
|
%systemroot%\Temp\InstallLogs\ |
C:\Windows\Temp\InstallLogs\ |
|
%systemroot%\System32\drivers\dc2drv.sys |
C:\Windows\System32\drivers\dc2drv.sys |
| %systemroot%\System32\drivers\fltenum.dll | C:\Windows\System32\drivers\fltenum.dll |
| %systemroot%\SysWOW64\STAgent.dll | C:\Windows\SysWOW64\STAgent.dll |
|
%systemroot%\SysWOW64\STEventService.exe |
C:\Windows\SysWOW64\STEventService.exe |
|
%systemroot%\SysWOW64\AgentConnectorProxy\ |
C:\Windows\SysWOW64\AgentConnectorProxy\ |
| %systemroot%\SysWOW64\STInstallAgent.dll | C:\Windows\SysWOW64\STInstallAgent.dll |
❗We are aware that exceptions for the %systemroot%\Temp folder are considered bad practice, but they are necessary for our existing product architecture.
Exceptions for URLs
Set the following exceptions in your antivirus or firewall:
| Reason for exception | URL |
| Communication for Safetica hosted on-premises | *.safetica.com |
| Connecting devices to cloud-hosted Safetica |
https://apim-saas-endpoint-pr-001.azure-api.net https://nxt-endpoint-api.safetica.com/ https://stsaasupdaterpr001.blob.core.windows.net/endpoint-binaries |
Exceptions we recommend adding to Sentinel ONE when MS Teams does not launch correctly
For Safetica:
| Value | Mode |
| C:\Windows\System32\drivers\dc2drv.sys | Interoperability |
| C:\Windows\SysWOW64\STEventService.exe | Interoperability |
| C:\Program Files\Safetica Management Service\ | Interoperability |
| C:\Program files\Safetica\ | Interoperability |
For MS Teams:
| Value | Mode |
| \Device\HarddiskVolume*\Program File*\Teams Installer\Teams.exe | Interoperability |
| \Device\HarddiskVolume*\Users\*\AppData\Local\Microsoft\Teams\Update.exe | Interoperability |
| \Device\HarddiskVolume*\Users\*\AppData\Local\Microsoft\Teams\current\Teams.exe | Interoperability |
What to do when setting exceptions does not help
If setting exceptions for folders, processes, or URLs in your antivirus or firewall does not solve your issue, please contact Safetica Support and submit the following information:
- The exact name and edition of your antivirus software - including the management console, endpoint application, etc.
- The version of your antivirus software.
- Screenshots and logs from your antivirus software from when the issue was detected or manifested itself.
- Export of your antivirus settings so that we can try reproducing the issue.
- The version of Safetica you are using.
- Logs from Safetica - STool etc.
- Your Safetica settings - data policies settings, website policies settings, etc.
- Issue description and how it manifests itself (e.g. a notification about something being detected, some files are deleted, etc.)
- Exact description of what the issue causes - whether injecting stops working, webpages can't load, DLP does not work, etc.