Antivirus Exclusions for the Windows Forwarder
To ensure optimal performance and interoperability, certain files, folders, and processes used by the Stairwell Windows Forwarder must be excluded from scanning by any antivirus or endpoint security software.
Customers have observed up to a 10× performance improvement in file scanning after configuring exclusions in Microsoft Defender. These exclusions prevent real-time security software from interfering with Stairwell’s file access operations, reducing latency and avoiding unnecessary resource contention.
Add the following items to your endpoint protection exclusion policies:
| Component | Path |
|---|---|
| Forwarder Data Directory | C:\ProgramData\Stairwell |
| Forwarder Kernel Driver | C:\Windows\System32\drivers\SWAgent.sys |
| Forwarder Process | C:\Program Files\Stairwell\SwellService\SwellService.exe |
- Ensure that sub-folders are included for directory exclusions.
- Do not scan these paths with on-access or real-time protection engines.
Third-Party Antivirus Notes
Some antivirus vendors require wildcards or trailing asterisks (*) when specifying exclusion paths. For example:
C:\ProgramData\Stairwell\*
Consult your vendor’s documentation to ensure correct formatting of path-based exclusions.
Updated about 12 hours ago