Creating an DNS or Host File Change Exception in Symantec Endpoint Protection Manager 12.1 RU1 MP1 and above.

Article:TECH194108  |  Created: 2012-07-31  |  Updated: 2012-10-15  |  Article URL http://www.symantec.com/docs/TECH194108
Article Type
Technical Solution


Issue



How to create an DNS or Host File Change Exception in Symantec Endpoint Protection Manager 12.1 RU1 MP1 and above.


Solution



SEP 12.1 Release Update 1 (RU1) Maintenance Patch 1 (MP1) added a new exclusion category: DNS or Host File Change Exception. This exclusion will prevent SONAR from taking any action on applications that have been excluded from these detections.

Follow the steps below for creating an DNS or Host File Change Exception in Symantec Endpoint Protection Manager 12.1 RU1 MP1 and above.

  1. Login to the Symantec Endpoint Protection Manager (SEPM)
  2. Click on Policies TAB
  3. Click Exceptions under policies
  4. Either click on "Edit the Policy" OR "Add an Exception Policy" as per your requirements.
  5. Under Exceptions Policy, click on Exceptions and click on "Add" button and then click on Windows Exceptions and select "DNS or Host File Change Exception"
  6. Click on "Add an Application to Monitor". Add an application that is to be Monitored on the network. That can be an Applicaiton which is currently in use, or an application that you would like to monitor for its appearance. Once this Application has been added, it can take several hours to appear  in the list  of Application Exceptions. Once it appears on the list, you will be able to specify an action for an application.
  7. Click on Add
  8. Chose the Action ( Ignore, Log only, Prompt and Block ) Note: By default it is set to "Log only"
  9. Click on OK
  10. Click on OK 

Make sure you assign the policy to the correct groups.





Article URL http://www.symantec.com/docs/TECH194108


Terms of use for this information are found in Legal Notices