Configuring a centralized exception for a detected process

Article:HOWTO27608

Created: 2010-01-09

Updated: 2010-01-20

Article URL http://www.symantec.com/docs/HOWTO27608

Article Type
How To

Product(s)

Show all

Environment

Show all

CLOSE X

Windows Server 2008
Web Edition (x86) SP2, Web Edition (x86), Web Edition (x64) SP2, Web Edition (x64), Standard (x86-32bit) SP2, Standard (x86-32bit), Standard (x64-64bit) SP2, Standard (x64-64bit), Server Core, Enterprise (x86-32bit) SP2, Enterprise (x86-32bit), Enterprise (x64-64bit) SP2, Enterprise (x64-64bit), DataCenter (x86-32bit) SP2, DataCenter (x86-32bit), DataCenter (x64-64bit) SP2, DataCenter (x64-64bit)

Windows Server 2008 R2
WebServer (x64-64bit), Standard (x64-64bit), Enterprise (x64-64bit), DataCenter (x64-64bit)

VMWare ESX
4.0, 3.5 U4, 3.5 U3, 3.5 U2, 3.5 U1, 3.5, 3.0.2, 3.0.1, 3.0, 2.5

Windows XP
Pro 5.1 SP3, Pro 5.1 SP2, Pro 5.1 SP1, Pro 5.1 64 bit SP3, Pro 5.1 64 bit SP2, Pro 5.1 64 bit SP1, Embedded SP3, Embedded SP2, Embedded SP1

Windows Vista
Ultimate RC2, Ultimate (x86) 6.0.6000, Ultimate (x64) 6.0.6000, Starter (x86) 6.0.6000, RC2, Home RC2, Home Premium RC2, Home Premium (x86) 6.0.6000, Home Premium (x64) 6.0.6000, Home Basic (x86) 6.0.6000, Home Basic (x64) 6.0.6000, Enterprise RC2, Enterprise 6.0.6000, Business RC2, Business (x86) 6.0.6000, Business (x64) 6.0.6000

Windows Small Business Server 2008
Standard Edition, Premium Edition

Windows Server 2003 R2
Web Edition (x86), Web Edition (x64), Storage Server Edition (x86), Storage Server Edition (x64), Standard Edition (x86), Standard Edition (x64), Enterprise Edition (x86), Enterprise Edition (x64), Datacenter Edition (x86), Datacenter Edition (x64)

GSX Server for Windows
3.2

Windows Server 2003
Web Server, Web Edition SP2, Web Edition SP1, Storage Server SP2, Storage Server SP1, Storage Server (x64) SP2, Storage Server (x64) SP1, Storage Server (x64), Storage Server, Standard Server(x64), Standard Server SP2 (x64), Standard Server SP2, Standard Server SP1 (x64), Standard Server SP1, Standard Server, Enterprise SP2(x64), Enterprise SP2, Enterprise SP1(x64), Enterprise SP1(IA64), Enterprise ServerSP1, Enterprise Server, Enterprise (x64), Enterprise (IA64), Datacenter SP2(x64)

VMware Workstation
6.5, 6.0, 5.0

Windows Small Business Server 2003
Standard Edition

Windows Fundamentals for Legacy PCs
5.1 SP3

Languages

Show all

Configuring a centralized exception for a detected process

You can create an exception for a process that TruScan proactive threat scans detect.

When you create an exception for a detected process, you choose from a list of detections. The management console populates the list with the detections that the client logs in your security network.

The detection list appears empty if the client computers in your network have not yet made any detections.

You can force proactive threat scans to detect a particular process. When a proactive threat scan detects the process, and the management console receives the event, the process appears in the detected process list.

See Configuring an exception to force TruScan proactive threat scans to detect a process.

To configure a centralized exception for a detected process

On the Centralized Exceptions Policy page, click Centralized Exceptions.
Click Add > Windows Exceptions > TruScan Proactive Threat Scan Exceptions > Detected Processes.
Select the processes for which you want to create an exception.
In the Action drop-down box, select Ignore, Terminate, Quarantine, or Log only.
Click OK.
If you are finished with the configuration for this policy, click OK.

Legacy ID

350028

Article URL http://www.symantec.com/docs/HOWTO27608

Configuring a centralized exception for a detected process

Configuring a centralized exception for a detected process

Legacy ID

Please Sign In

Knowledge Base Search

Knowledge Base Search

MySymantec

MySymantec

Contacting Support

Contacting Support