Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

centralized exception

Created: 19 Oct 2012 • Updated: 21 Oct 2012 | 4 comments
This issue has been solved. See solution.

What is centralized exception policy and how it work?

Comments 4 CommentsJump to latest comment

Sumit G's picture

Centralized Exceptions is policy which can help in exception of file scanning.

Link for reffernece

https://www-secure.symantec.com/connect/forums/cen...

Centralized Exceptions policies contain exceptions for the following types of scans for Windows-based operating systems:

  • Antivirus and Antispyware scans
  • TruScan Proactive Threat Scans
  • Tamper Protection

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager

 http://www.symantec.com/business/support/index?page=content&id=TECH104326

If required theCentralized Exceptions for Server Applications

You will get the Antivirus Exclusion recommendation on the application support page

For Microsoft :http://social.technet.microsoft.com/wiki/contents/articles/953.aspx

Domino :https://www-304.ibm.com/support/docview.wss?uid=swg21417504

SMS Domino :http://www.symantec.com/business/support/index?page=content&id=TECH79960

Regards

Sumit G.

Sumit G's picture

Centralized Exceptions Overview

You can use a centralized exceptions policy to create exceptions for antivirus and antispyware scans. You can also create exceptions for TruScan proactive threat scans or Tamper Protection.

Any exception that you include in the policy applies to all scans of the same type. For example, you might create an exception to exclude a security risk. The client software then excludes the security risk from all antivirus and from all antispyware scans on the client computers that use the policy.

Table: Overview options

Option
Description
Policy name Provides the name of the policy that includes all of the centralized exceptions
Description Enables you to type a description of the centralized exceptions to any existing policies
Group Path Shows the groups that currently use any of the centralized exceptions
Location Shows the locations that are associated with the groups that use this exception

 

 

Centralized Exceptions

Use this tab to add centralized exceptions for security risks, TruScan proactive threat scans, and Tamper Protection. You can edit or delete exceptions, and you can view exception details.

A centralized exceptions policy lets you exclude certain items from future detection. Exclude only those items that you have determined are useful in your environment. Those items must not pose a risk to the security of your network.

You can exclude the following items from antivirus and antispyware scans:
· Known security risks
· Extensions 
· Files 
· Folders

For Tamper Protection, you can exclude particular files.

For proactive threat scans, you can create the following exceptions:
· Specify an action for a known process that proactive threat scans detect.
· Force a detection of a particular process.
 

Note: Cannot make exceptions for a type of scan ie. scheduled, custom or on demand. They all follow the centralized exceptions.
 

Centralized Exceptions: Client Restrictions

Use this page to specify restrictions for the types of exceptions that users can add. By default, users can create any type of exception. If you de-select an exception type, the user cannot create any exception of that type.

Note: Users cannot configure Tamper Protection exceptions.

 

Centralized Exceptions www.symantec.com/docs/TECH104432

 

 

How to configure Centralized exceptions:

 

 
Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11
http://www.symantec.com/docs/TECH104326

 

Regards

Sumit G.

SOLUTION
Ashish-Sharma's picture

Why Should I Use A Centralized Exceptions Policy?

There are many reasons that you might want to create a Centralized Exceptions Policy, though here are some of the most common reasons:

  1. In order to automate administrative tasks on user machines, you use tools to hide script windows while they run in the background.
  2. IT Staff use tools such as IP scanners or key loggers for legitimate administrative purposes.
  3. You'd like to control whether your users can add program or security risk exceptions themselves.

Applications and tools that assist with automated scripting, IP Scanners and KeyLoggers are often categorized as security risks by antivirus software including Symantec Endpoint Protection.   Once SEP has been installed, it will prevent any of these types of programs that it categorizes as security risks from running, and will throw them into the quarantine. 

In nearly all companies, allowing an IT department to function normally and be able to script and automate various administrative functions can be a critical time saver.   To make sure that those needed programs that are classified by SEP as security risks are still available to your users / IT staff, you'll want to create a Centralized Exceptions Policy.

How To Create A Centralized Exceptions Policy:

Centralized Exceptions Policies can be created from within Symantec Endpoint Protection Manager.   Once you've loaded it and logged in, follow these steps:

  1. Choose the Policies tab from the left-hand menu
  2. Under View Policies, select Centralized Exceptions
  3. Right-Click in the Centralized Exceptions Policies section and choose Add
  4. In the Overview of your new policy, type a name and description for your new policy (i.e.  IT Exceptions, Security Risk Exceptions for the IT Department)
  5. Next, click on Centralized Exceptions in the left menu
  6. On this screen, you'll need to add those applications that you'd like to exclude from SEP checking.   These can be Security Risks, specific files or folders or even file extensions.  To exclude one of these items, add it and choose Ignore as the action.
  7. The third option on the left menu will allow you to configure the options that allow or deny specific Policy Groups the option to create exceptions themselves.  You can choose specific types of allowed or denied exceptions if you'd prefer.
  8. Finally, Click OK.

https://www-secure.symantec.com/connect/articles/centralized-exceptions-policies-why-use-them-and-how-configure-them

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11

http://www.symantec.com/business/support/index?page=content&id=TECH104326

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 12.1

http://www.symantec.com/business/support/index?page=content&id=TECH183201

https://www-secure.symantec.com/connect/forums/how-set-sepm-central-exception-monitor-non-exe-excutable-files

http://www.symantec.com/business/support/index?page=content&id=TECH176906

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager

 http://www.symantec.com/business/support/index?page=content&id=TECH104326

 

About the automatic exclusion of files and folders for Microsoft Exchange server and Symantec products

http://www.symantec.com/business/support/index?page=content&id=TECH102400

SEP recognizes the Exchange server and the necessary folders and files are excluded by default.
http://www.symantec.com/docs/TECH97707

Subfolders of folders that are excluded by Automatic Exclusions for Exchange are scanned

http://www.symantec.com/business/support/index?page=content&id=TECH134854

Check this thread :

http://www.symantec.com/connect/forums/sep-121-exchnage-2010-automatic-exclusions

 

 

Thanks In Advance

Ashish Sharma