Endpoint Protection

 View Only

  • 1.  Adding trusted domain - SEP 12.1

    Posted Aug 13, 2012 12:45 PM

    Is it possible to use a wildcard when adding trusted domains?

    *.website.com

    WIll this work?

    Is HTTPS supported?



  • 2.  RE: Adding trusted domain - SEP 12.1

    Posted Aug 13, 2012 12:54 PM

    Wildcards are not supported:


     

    HTTPS is probably trusted by default since it's supposedly secure so I wouldn't think these sites would be flagged to begin with.



  • 3.  RE: Adding trusted domain - SEP 12.1

    Posted Aug 13, 2012 01:02 PM

    The problem I'm having is with an HTTPS site. I have a user downloading a file for accounting purposes and the file name changes each month so I can't add it by file name. It's being flagged as ws.reputation.1 every time.

    How can I get around this so the user can work?



  • 4.  RE: Adding trusted domain - SEP 12.1

    Broadcom Employee
    Posted Aug 13, 2012 02:10 PM

    Hi,

    WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories.

    Software developers who want to accelerate the reputation building process for their new software applications should submit new applications to the Symantec white-listing program. Details of that program can be found here.

    http://www.symantec.com/security_response/writeup.jsp?docid=2010-051308-1854-99&tabid=3

    Best Practice when Symantec Endpoint Protection or Symantec AntiVirus is Detecting a File that is Believed to be Safe

    http://www.symantec.com/docs/TECH98360

    Restoring a false positive file detection from the Symantec Endpoint Protection quarantine

    http://www.symantec.com/docs/TECH150607

    About managing false positives detected by TruScan proactive threat scans

    http://www.symantec.com/docs/HOWTO27058

    We would also recommend you to submit the Files to the Symantec Security Response Team.

    You would have to Submit the Files to the Symantec Response Team on  the Following Sites:

    https://submit.symantec.com/false_positive/

    https://submit.symantec.com/websubmit/gold.cgi



  • 5.  RE: Adding trusted domain - SEP 12.1
    Best Answer

    Trusted Advisor
    Posted Aug 13, 2012 03:40 PM

    Hello,

    Just Insert website.com

    Check this Thread with same issue - https://www-secure.symantec.com/connect/forums/download-insight-exceptions

    Please try these Symantec Article below:

    Excluding a trusted Web domain from scans http://www.symantec.com/docs/HOWTO55211

    How to exclude specific Web domains from the Download Insight verification in SEP 12.1?

    http://www.symantec.com/docs/TECH162264

    Note: The use of port numbers, HTTPS or FTP URLs is not supported.

    You specify a URL when you specify a trusted Web domain exception. HTTPS or FTP URLs are not supported. You must create individual exceptions for files or applications that users might download from an HTTPS or FTP URL.

    You can find URLs for the Web domains that you want to exclude by viewing the Download Risk Distribution report.

    Hope that helps!!