PostgreSQL Antivirus/EDR Exclusion Guidance for ManageEngine OpManager

Purpose

This document provides guidance for customers using ManageEngine OpManager whose bundled PostgreSQL database may be impacted by third-party Antivirus (AV) or Endpoint Detection and Response (EDR) tools.

Such tools can sometimes interfere with PostgreSQL binaries, data directories, or services, which may result in:

• Product startup failures
• Slower performance during database operations
• Errors during service pack or patch installations

When to consider exclusions

Customers are advised to consider excluding PostgreSQL folders from AV/EDR scanning in the following scenarios:

• Product startup failureswith errors indicating PostgreSQL binaries are missing or blocked.
• PostgreSQL service fails to start or initialize during application startup.
• Service pack or patch installation fails due to missing or quarantined PostgreSQL binaries.
• Database startup or query execution is noticeably slow, and AV/EDR activity is suspected.
• Logs or AV/EDR reports show detection, quarantine, or deletion events for PostgreSQL components bundled with the product.

Recommended exclusions

If AV/EDR is confirmed to interfere with PostgreSQL, exclude the following path from real-time and scheduled scans:

<product home>/pgsql/
<product home>/pgsql/bin/postgres.exe
Note: Replace <product home> with the actual installation path of ManageEngine OpManager on the target system.

Disclaimer and liability acknowledgment

By applying these exclusions, the customer acknowledges:

• Exclusions are recommended only to resolve known compatibility or performance issues caused by third-party security tools.
• It is the customer's responsibility to evaluate the risks and apply these exclusions based on their internal security policies and threat model.
• ManageEngine OpManager does not assume liability for any security risk introduced by applying AV/EDR exclusions.