Best practices for using Code42 with antivirus or EDR software
Who is this article for?
Instructor, no.
Incydr Professional, Enterprise, Gov F2, and Horizon, no.
Incydr Basic, Advanced, and Gov F1, no.
CrashPlan Cloud, no.
Retired product plans, yes.
CrashPlan for Small Business, no.
Overview
Code42 complements the functionality of antivirus or endpoint detection and response (EDR) programs. However, when the Code42 app and these other programs are installed on the same device, they might compete for locked files and system resources, causing heavy CPU usage.
As a result, we recommend configuring your antivirus or other endpoint security programs to exclude Code42. We also recommend configuring the Code42 app to exclude from backup the cache files created by the antivirus EDR programs.
Follow this process if you are using applications like:
- Carbon Black Cb Defense
- Carbon Black Cb Response
- CrowdStrike Falcon
- Kaspersky Endpoint Security for Business
- McAfee AntiVirus
- McAfee Endpoint Threat Defense and Response
- Sophos Intercept X
Configure your antivirus or EDR app to exclude Code42
Code42 app backs up your existing files, but only creates two types of files: backup archives and cache files. Learn more about the Code42 file types below.
Backup archives
The contents of backup archives are compressed and encrypted. Even if a backup archive contains a malicious file, antivirus or EDR software cannot inspect the contents of an archive. Furthermore, malicious files cannot activate or spread while in a compressed and encrypted form.
Most importantly, backup archives only contain data that is already stored elsewhere. To detect malicious files, scan the source, not the backup archive.
Cache files
The cache files are benign records of Code42 operations. They only contain information about Code42 activity, and therefore they can be ignored by scans.
Step 1: Exclude Code42 app folders
Some programs operate by scanning folders. We recommend excluding Code42 app folders from live scans.
Windows folders
Mac folders
Linux folders
Step 2: Exclude the Code42 service
Antivirus and EDR programs might also monitor the processes running on your device, so we recommend excluding the Code42 service.
If the Code42 app is installed per user, exclude these folders for the Code42 service.
Configure Code42 to exclude your antivirus or EDR cache files
As antivirus and EDR applications scan your device, they create cache files. Depending on your file selection, Code42 may attempt to back up these cache files. We recommend excluding these caches from your file selection for several reasons:
- The need to restore these cache files is very unlikely.
- Antivirus and EDR applications might attempt to scan Code42's cache files of their cache, which causes an endless loop.
To exclude your antivirus cache from your backup:
- Consult your antivirus program's documentation to find the antivirus cache location.
- Sign in to your administration console.
- Go to Settings > Device Backup > Backup.
- Use the File Selection settings to exclude the antivirus cache location for all devices in your Code42 environment.
- Click Save.
Restore considerations
Restoring a large amount of files may cause your antivirus or EDR program to examine each file as Code42 restores it. This causes your restore job to take longer than usual. To speed up the restore, pause the antivirus or EDR program.