Compatibility of SES Evolution with other security solutions

The combination of several security solutions can have an impact on performance and lead to incompatibilities.

To function correctly, SES Evolution components must be able to access the resources listed below.

Ensure that no other security solutions prevent access to these resources on the various machines on which the components have been installed.

SES Evolution agent

Folders
%PROGRAMDATA%\Stormshield Endpoint Security Evolution Agent Diagnostic Result\
%PROGRAMDATA%\Stormshield\SES Evolution\Agent
%SYSTEMROOT%\System32\Drivers\SES Evolution
%PROGRAMFILES%\Stormshield\SES Evolution\Agent
Registry keys
HKEY_CURRENT_USER\Software\Stormshield
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\EsaGuardSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\EsaGuiSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\EsaUpdateSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\EsaGuardSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\EsaGuiSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\EsaUpdateSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaAccountCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaAnalyzerSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaAppIdSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaCollectorSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaCommSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaCoreDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaDeviceCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaDiagSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaExecCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaGuardDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaGuardSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaGuiSrvSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaInjectDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaInjectSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaKeylogGuardDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaKrnlCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaLogSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaMemProtectDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaNetworkCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaPolicySvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaProbeDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaRulesEngDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaResponseSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaScriptSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUpdateDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUpdateSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUsbCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaUsbCtrlSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaWirelessCtrlDrv
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EsaWirelessCtrlSvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System
HKEY_LOCAL_MACHINE\Software\Classes\Software\Stormshield\SES Evolution\Agent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Agent

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ExcludedApplications

Under this key, the following values relate to the SES Evolution agent:

  • EsAnalyzer.exe

  • EsAppId.exe

  • EsCollector.exe

  • EsComm.exe

  • EsDiagSrv.exe

  • EsGuard.exe

  • EsGui.exe

  • EsGuiSrv.exe

  • EsInject.exe

  • EsInjectWow64Host.exe

  • EsLog.exe

  • EsNotificationHost.exe

  • EsNotify.exe

  • EsPolicy.exe

  • EsScript.exe

  • EsScriptHost.exe

  • EsSetup.exe

  • EsSetupWorker.exe

  • EsUpdate.exe

  • EsUpdateHost.exe

  • EsUsbCtrl.exe

  • EsWirelessCtrl.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug\AutoExclusionList

See the list of values relating to the SES Evolution agent above.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps

See the list of values relating to the SES Evolution agent above.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\SOFTWARE\Stormshield\SES Evolution
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WlanSvc\Parameters\WlanAPIPermissions
HKEY_USERS\Environment
HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

Console

Folders
%PROGRAMDATA%\Stormshield\SES Evolution\Console\
%PROGRAMFILES%\Stormshield\SES Evolution\Console\
%APPDATA%\EsConsole\
%TEMP%\EsInstaller\
Registry keys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EscConsoleUpdateSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Stormshield\SES Evolution\Console
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Console

Backend server

Folders
%PROGRAMDATA%\Stormshield\SES Evolution\Backend\
%PROGRAMFILES%\Stormshield\SES Evolution\Backend\
%SYSTEMROOT%\System32\inetsrv\Config\
%TEMP%\EsInstaller\
Registry keys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsrBackendUpdateSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Stormshield\SES Evolution\Backend
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Backend

Agent handler

Folders
%PROGRAMDATA%\Stormshield\SES Evolution\Server\log
%PROGRAMDATA%\Stormshield\SES Evolution\Server\AgentLogs
%PROGRAMFILES%\Stormshield\SES Evolution\Server\
%SYSTEMROOT%\ServiceProfiles\LocalService\AppData\Local\Temp\EsServer\
%TEMP%\EsInstaller\
Registry keys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Endpoint Security Server Performance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsrCoreSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsrServerUpdateSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Stormshield\SES Evolution\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stormshield Endpoint Security Evolution Server