EDR and Anti-Virus Allow listing

Overview

This article describes recommended allowlisting configurations for Endpoint Detection and Response (EDR) and antivirus software when using Softdrive.

Improper endpoint security configuration can interfere with Softdrive connectivity, streaming performance, or session stability.

Recommendation

For Softdrive components, we recommend configuring Endpoint Detection and Response (EDR) or antivirus software to verify the digital signatures of Softdrive processes instead of relying only on process-name allowlisting.

Many enterprise EDR platforms support certificate-based allowlisting, which is a more secure and reliable method of trusting signed applications.

Applies To

Softdrive Client installations
Softdrive Cloud Desktops
EDR / Antivirus software
Corporate security environments

Prerequisites

Administrative access to the EDR or antivirus platform
Access to the local computer or Softdrive Cloud Desktop
Ability to configure allowlists or exclusions

Procedure

1. Configure Allowlisting for the Softdrive Client (Local Computer)

If security software is installed on the local computer running the Softdrive Client, configure allowlisting for the following directories and processes.

Directories

%localappdata%\Programs\softdrive-launcher
%appdata%\softdrive-launcher

Processes

CrashHandler.exe
SendMessageToMailSlot.exe
SoftdriveClient.exe
Softdrive.exe

2. Configure Allowlisting for the Softdrive Server (Cloud Desktop)

If security software is installed on the Softdrive Cloud Desktop, configure allowlisting for the following directories and processes.

Directories

Softdrive Server

C:\Softdrive

QEMU Guest Agent

C:\Program Files\Qemu-ga

Processes

Softdrive Server

CrashHandler.exe
SendMessageToMailSlot.exe
SendMessageToServer.exe
SoftdriveServer.exe
SoftdriveServerUser.exe
SoftdriveService.exe

QEMU Guest Agent

Important

Please note that qemu-ga.exe is not currently signed by Softdrive.

qemu-ga.exe

Expected Result

Softdrive components are trusted by the endpoint security software and are able to operate normally without interruption, blocking, or degraded performance.

Troubleshooting

Verify the configured directories and process names exactly match the installed paths
Confirm the EDR policy has been applied successfully to the device
Check whether the security software is blocking UDP traffic or terminating Softdrive processes
Review EDR logs for detections related to Softdrive components
Test temporarily disabling endpoint protection to confirm the issue is security-related

If issues persist, contact support@softdrive.co and provide:

The EDR or antivirus platform in use
Description of the observed behavior
Relevant security logs or detections

Preparing OCI Tenancy

Preparing Softdrive Environment

Configuration Guides

Configuring Virtual PC Images

Configuring Endpoints and Softstream Client

Identity and Access Management (IAM)

Application Installation and Tuning

Management and Monitoring

User and Profile Management

Manage Computers and Pools

Manage Fleets

Manage Templates

Security

Troubleshooting

EDR and Anti-Virus Allow listing

Overview

Applies To

Prerequisites

Procedure

1. Configure Allowlisting for the Softdrive Client (Local Computer)

Directories

Processes

2. Configure Allowlisting for the Softdrive Server (Cloud Desktop)

Directories

Processes

Expected Result

Troubleshooting