This blog is what you’re looking for if :

  • You are using SEP 11 with PVS and XenDesktop 4 / 5 / 5.5
  • If your VMs have a “Persona” drive (D: for ex)
  • Windows XP VMs (it should work with Windows 7 as well)
  • If you don’t want or you cannot use PVS Personality Strings
  • The SEP11 administrator is becoming crazy because all the XenDesktop VMs are creating new entries at every reboot.

Using an antivirus software on a VDI plate form is a discussion often see here and there but this time the question wasn’t if I needed to install an antivirus or not, Symantec Endpoint Protection was already installed and running on my customer Citrix XenDesktop 4 / PVS 5.6 sp1 infrastructure. SEP11 (Short name for Symantec EndPoint Protection) was installed and was running well on the PVS distributed pool VMs. Yesterday the SEP administrator came to me and complained about the fact XenDesktop VMs were generating new entry in the SEP11 administration console every time they were rebooted and every morning he was forced to move all the object in the VDI node and delete all the past entries…

But everything was working… I guess this administrator might have fund that a bit boring, he just complained and continued to do this tack every day and when he wasn’t here, no one was taking care of that manual task. XenDesktop VMs needed to be in the VDI node because the exclusion in place were important for VMs performances :

  • PVS cache file
  • Event logs
  • EdgeSight firebird database
  • etc etc…


8 194

  • Pingback: Stephane Thirion (@archynet)()

  • Pingback: @BeCTXGrp()

  • Pingback: @J_Brison()

  • prasanth

    I know this is really old post. But still wanted to ask…Te script is working on XP machine if I run manually. But it is not working on bootup. I have added the “Event Log group” to the srvany properties but no change

  • hi prasanth,
    it’s working on Windows XP, maybe you should check the path is correct dtry to start the service manualy to check.


  • Stephane,

    merci for sharing.

    I am planning a new PVS implementation with virtual targets each with its own cache disk. I want to use the cache disk to store data like Windows Event Log, EdgeSight Firebird DB, and – guess what – antivirus pattern

    Do you know if it is possible to redirect SEP client’s antivirus pattern path to another location, that is in my scenario the disk dedicted for the PVS Target Cache?

    Thanks in advance


  • Hi Peter,
    I haven’t check and I don’t remember if it’s possible to redirect patern to a cache disk, it should be possible. However you should also have a look on the other solution to manage antivirus for VDI with solution to offload the scan with an appliance (and avoiding running one antivirus client per vm)

  • Pingback: Trend ServerProtect 5.80, XenApp 6.5 / PVS |