Technical Tip: Performance Issues when Windows Defender is running in Parallel with FortiEDR

rduggal_FTNT · ‎11-27-2024

Description

This article describes how to prevent any performance issues and false positives when 2 or more NGAVs/endpoint security solutions run in parallel.

Scope

Applies to both On-prem and cloud FortiEDR deployments.

Solution

Login to FortiEDR Manager -> Security Settings -> Exclusion Manager -> Add a new list and name it 'Windows Defender' -> Add the required collector group to it and add the below exclusions:

smartscreen.exe \Windows\System32\ process

\Program*\Windows Defender\* process

*\ProgramData\Microsoft\Windows Defender\* execution prevention

*\ProgramData\Microsoft\Windows Defender\ execution prevention

*\ProgramData\Windows Defender\* execution prevention

*\ProgramData\Windows Defender\ execution prevention

*\Windows Defender Advanced Threat Protection\ process and execution prevention

It is also required to exclude FortiEDR’s processes on Windows Defender. Refer to the below article which contains a list of FortiEDR’s processes:

Technical Tip: Paths to exclude Antivirus exceptions in 3rd Party Antivirus

If there are still any problems encountered, open a new technical support ticket for further assistance: Support Fortinet.

Technical Tip: Performance Issues when Windows Defender is running in Parallel with FortiEDR

You are leaving our website