Antivirus Exclusions for JewelSuite Applications

Overview

JewelSuite applications load a large number of files at startup, including native and .NET libraries, plug-ins, and geoscience datasets. When real-time antivirus (AV) scanning is active, each file is scanned as it is opened, which can significantly extend initialization time. Customers have reported startup times of around 100 seconds under strict scanning policies. With the configuration described below, the same workload typically launches in under 10 seconds. Application startup involves the most concentrated period of file loading and is where the most significant impact is typically observed. Other disk-intensive operations during an active session may also be affected, depending on the nature of the operation and the data being accessed.

This chapter explains what to configure so that AV products minimize redundant real-time scanning for JewelSuite, while preserving scheduled and on-demand scans and behavioral protections.

Customer and IT collaboration: Baker Hughes provides this as a carefully considered recommendation, not a mandate. Each organization must review and approve AV configuration changes with its internal IT and security teams, and assess the security impact appropriate to its environment.

Recommendation

Baker Hughes recommends configuring your AV solution to skip real-time (on-access) scanning of files opened by the relevant JewelSuite application process. This is commonly referred to as a process-opened file exclusion. The exemption applies only to files accessed by the specific application executable; files opened by any other process continue to be scanned normally.

Windows Defender example: In Microsoft Defender for Endpoint and Microsoft Defender Antivirus, process exclusions are configured under Exclusions in Windows Security settings, or centrally via Group Policy or Microsoft Intune. Specify the fully-qualified path to the application executable. Refer to the Microsoft documentation for your deployment for the appropriate configuration method.

Scope and Behavior

When this recommendation is in place:

  • Real-time (on-access) scanning is skipped only for files opened by the specified JewelSuite process.
  • Scheduled scans, on-demand full scans, and behavioral monitoring remain active and continue to evaluate application files.
  • Files opened by all other processes, including system services, browsers, and email clients, continue to be scanned in real time.
  • Endpoint Detection and Response (EDR) behavioral analytics are not affected by this configuration.
  • The exclusion covers all file access by the application process throughout the session, not only at startup. Any disk-intensive operation may also benefit, including loading project data, reading from shared storage, or saving. The degree of improvement will vary with the nature and volume of the operations involved.

Multi-vendor Applicability

The example above uses Windows Defender terminology, but most enterprise AV and EDR platforms offer a comparable process-scoped exclusion capability. These platforms typically also support central deployment of exclusion policies through their management console, Group Policy, or Microsoft Intune, so the exclusion can be rolled out consistently across your endpoint fleet. Consult your vendor's documentation to apply the equivalent setting.

Application-Specific Paths

Each JewelSuite application has its own executable and install path. The exact, fully-qualified path needed to configure the exclusion is listed in the Antivirus Configuration section of the corresponding product User Manual. Always use the fully-qualified path and avoid mid-path wildcards when defining the rule.

Because exclusions reference a version-specific install path, they should be reviewed and updated after each major version upgrade, as the install path may change between releases. If your organization prefers a rule that is not tied to a specific version, most AV platforms also accept the executable filename alone, without a path. The filename for each product is listed alongside the full path in the corresponding product User Manual. Be aware that a rule based on filename alone will match any process with that name running on the endpoint, so confirm that no other application uses the same filename before applying this approach.

External Tools and Simulators

JewelSuite integrates with a number of third-party tools and simulators that may be invoked as part of a workflow. Where these external processes load large numbers of files during operation, they are subject to the same real-time scanning overhead described above. Consider applying equivalent process exclusions to any third-party executables used alongside JewelSuite, and consult the documentation for those tools to identify their install paths.