Endpoint Protection

 View Only

  • 1.  Centralize Exception policy

    Posted Jul 22, 2012 10:54 AM

    Can anyone guide me what is Centralize Exception policy?

    How to configure it?



  • 2.  RE: Centralize Exception policy

    Broadcom Employee
    Posted Jul 22, 2012 10:57 AM

    check this link

    Creating centralized exception

    http://www.symantec.com/business/support/index?page=content&id=TECH104326
     

     



  • 3.  RE: Centralize Exception policy
    Best Answer

    Posted Jul 22, 2012 11:00 AM

    Centralized Exceptions policies contain exceptions for the following types of scans for Windows-based operating systems:

    • Antivirus and Antispyware scans
    • TruScan Proactive Threat Scans
    • Tamper Protection

    Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager

     http://www.symantec.com/business/support/index?page=content&id=TECH104326

    If required theCentralized Exceptions for Server Applications

    You will get the Antivirus Exclusion recommendation on the application support page

    For Microsoft :http://social.technet.microsoft.com/wiki/contents/articles/953.aspx

    Domino :https://www-304.ibm.com/support/docview.wss?uid=swg21417504

    SMS Domino :http://www.symantec.com/business/support/index?page=content&id=TECH79960



  • 4.  RE: Centralize Exception policy

    Posted Jul 22, 2012 11:02 AM

    Follow the instructions below to make the type of exception required.

    Creating exceptions for Antivirus and Antispyware scans

    Note: Security Risk Exceptions are global, and apply to all Scheduled Scans as well as real-time Auto-Protect.

    •  
      1. Log into the SEPM and click Policies.
      2. Under View Policies click Centralized Exceptions.
      3. Under Tasks click Add a Centralized Exception policy... This will create and open a new Centralized Exceptions Policy.
      4. In the left pane, click Centralized Exceptions.
      5. Click the Add button to open a drop-down menu. Move the cursor over Security Risk Exceptions to open a second drop-down menu.
      6. Select one of the four options: Known Risks, File, Folder, Extensions.

    Note: Wildcard variables such as * and ? are not supported for Known RisksFile, or Folder exceptions. The ? wildcard is supported for Extension exceptions. The Folder exceptions screen will accept * and ? but they will be treated as literal characters not wildcard variables.

    Note: For File and Folder-based exclusions, the Full Path to the file must be specified, unless a "Prefix Variable" is selected. If a "Prefix Variable" is selected, the path specified should be relative to the selected "Prefix Variable" 

    Note: if you are unsure about what type of exception to make please see the chapter entitled "Configuring Centralized Exceptions Policies" in the pdf "Administration Guide for Symantec™ Endpoint Protection and Symantec Network Access Control".

    1. Enter the appropriate information for the known risk, file, folder, or extension to be excluded.
    2. (Optional) Repeat steps 5 through 7 to add any other Security Risk Exceptions to the policy.
    3. (Optional) Follow the appropriate steps under "Creating exceptions for TruScan proactive threat scans" or "Creating exceptions for Tamper Protection scans" to add those types of exceptions to this policy.
    4. Click OK.


  • 5.  RE: Centralize Exception policy

    Posted Jul 22, 2012 03:32 PM

     

    Problem



    You need more details about the Options in the Policies of the Symantec Endpoint Protection Manager (SEPM)

     


    Cause



    Centralized Exceptions Policy


    Solution



    Centralized Exceptions Overview

    You can use a centralized exceptions policy to create exceptions for antivirus and antispyware scans. You can also create exceptions for TruScan proactive threat scans or Tamper Protection.

    Any exception that you include in the policy applies to all scans of the same type. For example, you might create an exception to exclude a security risk. The client software then excludes the security risk from all antivirus and from all antispyware scans on the client computers that use the policy.

    Table: Overview options

    Option
    Description
    Policy name Provides the name of the policy that includes all of the centralized exceptions
    Description Enables you to type a description of the centralized exceptions to any existing policies
    Group Path Shows the groups that currently use any of the centralized exceptions
    Location Shows the locations that are associated with the groups that use this exception

     


     

    Centralized Exceptions

    Use this tab to add centralized exceptions for security risks, TruScan proactive threat scans, and Tamper Protection. You can edit or delete exceptions, and you can view exception details.

    A centralized exceptions policy lets you exclude certain items from future detection. Exclude only those items that you have determined are useful in your environment. Those items must not pose a risk to the security of your network.

    You can exclude the following items from antivirus and antispyware scans:
    · Known security risks
    · Extensions 
    · Files 
    · Folders

    For Tamper Protection, you can exclude particular files.

    For proactive threat scans, you can create the following exceptions:
    · Specify an action for a known process that proactive threat scans detect.
    · Force a detection of a particular process.
     

    Note: Cannot make exceptions for a type of scan ie. scheduled, custom or on demand. They all follow the centralized exceptions.
     

    Centralized Exceptions: Client Restrictions

    Use this page to specify restrictions for the types of exceptions that users can add. By default, users can create any type of exception. If you de-select an exception type, the user cannot create any exception of that type.

    Note: Users cannot configure Tamper Protection exceptions.

     

    Centralized Exceptions www.symantec.com/docs/TECH104432

     

     

    How to configure Centralized exceptions:

     

     
    Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11
    http://www.symantec.com/docs/TECH104326