Hi John,

Customers should not configure AV exclusion rules for Laserfiche except in three circumstances:

1. There is a specific Laserfiche issue in the environment reasonably believed to have an AV component.
   In this scenario we recommend (very) temporarily disabling AV to test whether doing so resolves the issue, and if so, re-enabling AV and putting in a targeted exclusion for the relevant area.
2. During migrations where you’re moving large volumes of known good files. AV often becomes a primary bottleneck to bulk file transfers and downloads and it’s appropriate to disable it or add relevant exclusions until the file/volume migration is complete.
3. In ongoing high-volume, performance sensitive scenarios involving Workflow and Quick Fields, it can be appropriate to exclude the Workflow and Quick Fields working directories for performance reasons.

Modern endpoint security (“AV”) solutions like Crowdstrike are much lighter weight with significantly lower performance impacts than antivirus agents of the past. These rely more on behavior-based heuristics for malware detection than traditional “match file signature against malware signature database” methods.

Gartner now calls the category Endpoint Protection Platforms.

Of course, not all customers are running this next generation of lightweight endpoint security software yet, so YMMV.