Video Screencast Help

Centralize Exception policy

Created: 22 Jul 2012 • Updated: 25 Jul 2012 | 4 comments
This issue has been solved. See solution.

Can anyone guide me what is Centralize Exception policy?

How to configure it?

Comments 4 CommentsJump to latest comment

honey_jack's picture

Centralized Exceptions policies contain exceptions for the following types of scans for Windows-based operating systems:

  • Antivirus and Antispyware scans
  • TruScan Proactive Threat Scans
  • Tamper Protection

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager

If required theCentralized Exceptions for Server Applications

You will get the Antivirus Exclusion recommendation on the application support page

For Microsoft :

Domino :

SMS Domino :

Thanks & Regard

Honey Jack

If your issue has been solved, please use the "Mark as Solution" for the valid thread.

honey_jack's picture

Follow the instructions below to make the type of exception required.

Creating exceptions for Antivirus and Antispyware scans

Note: Security Risk Exceptions are global, and apply to all Scheduled Scans as well as real-time Auto-Protect.

    1. Log into the SEPM and click Policies.
    2. Under View Policies click Centralized Exceptions.
    3. Under Tasks click Add a Centralized Exception policy... This will create and open a new Centralized Exceptions Policy.
    4. In the left pane, click Centralized Exceptions.
    5. Click the Add button to open a drop-down menu. Move the cursor over Security Risk Exceptions to open a second drop-down menu.
    6. Select one of the four options: Known Risks, File, Folder, Extensions.

Note: Wildcard variables such as * and ? are not supported for Known RisksFile, or Folder exceptions. The ? wildcard is supported for Extension exceptions. The Folder exceptions screen will accept * and ? but they will be treated as literal characters not wildcard variables.

Note: For File and Folder-based exclusions, the Full Path to the file must be specified, unless a "Prefix Variable" is selected. If a "Prefix Variable" is selected, the path specified should be relative to the selected "Prefix Variable" 

Note: if you are unsure about what type of exception to make please see the chapter entitled "Configuring Centralized Exceptions Policies" in the pdf "Administration Guide for Symantec™ Endpoint Protection and Symantec Network Access Control".

  1. Enter the appropriate information for the known risk, file, folder, or extension to be excluded.
  2. (Optional) Repeat steps 5 through 7 to add any other Security Risk Exceptions to the policy.
  3. (Optional) Follow the appropriate steps under "Creating exceptions for TruScan proactive threat scans" or "Creating exceptions for Tamper Protection scans" to add those types of exceptions to this policy.
  4. Click OK.

Thanks & Regard

Honey Jack

If your issue has been solved, please use the "Mark as Solution" for the valid thread.

Mohan Babu's picture


You need more details about the Options in the Policies of the Symantec Endpoint Protection Manager (SEPM)


Centralized Exceptions Policy


Centralized Exceptions Overview

You can use a centralized exceptions policy to create exceptions for antivirus and antispyware scans. You can also create exceptions for TruScan proactive threat scans or Tamper Protection.

Any exception that you include in the policy applies to all scans of the same type. For example, you might create an exception to exclude a security risk. The client software then excludes the security risk from all antivirus and from all antispyware scans on the client computers that use the policy.

Table: Overview options

Policy name Provides the name of the policy that includes all of the centralized exceptions
Description Enables you to type a description of the centralized exceptions to any existing policies
Group Path Shows the groups that currently use any of the centralized exceptions
Location Shows the locations that are associated with the groups that use this exception

Centralized Exceptions

Use this tab to add centralized exceptions for security risks, TruScan proactive threat scans, and Tamper Protection. You can edit or delete exceptions, and you can view exception details.

A centralized exceptions policy lets you exclude certain items from future detection. Exclude only those items that you have determined are useful in your environment. Those items must not pose a risk to the security of your network.

You can exclude the following items from antivirus and antispyware scans:
· Known security risks
· Extensions 
· Files 
· Folders

For Tamper Protection, you can exclude particular files.

For proactive threat scans, you can create the following exceptions:
· Specify an action for a known process that proactive threat scans detect.
· Force a detection of a particular process.

Note: Cannot make exceptions for a type of scan ie. scheduled, custom or on demand. They all follow the centralized exceptions.

Centralized Exceptions: Client Restrictions

Use this page to specify restrictions for the types of exceptions that users can add. By default, users can create any type of exception. If you de-select an exception type, the user cannot create any exception of that type.

Note: Users cannot configure Tamper Protection exceptions.

Centralized Exceptions

How to configure Centralized exceptions:

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11

Mohan Babu

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)