Video Screencast Help

Creates exception on a folder but allow the rest of the files to be scanned ?

Created: 13 Mar 2013 • Updated: 18 Mar 2013 | 4 comments
This issue has been solved. See solution.

Hi,

Is it possible with SEP exception policy to do the following:

Create the exception not to scan binaries of an applications in C:\App1, but then any files that is created new in that directory is scanned apart from those binaries that I listed in the exception ?

WHere shall I configure that ? in the SEPm console or in the SEP client ?

 

Operating Systems:

Comments 4 CommentsJump to latest comment

.Brian's picture

If you exclude a folder, the entire folder will be exempt from scanning. It is all or nothing, you would need to exclude the entire folder.

If you want to exclude certain binaries, you would need to add them individually to the exception policy.

There is no option to scan only newly added binaries.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
Mohan Babu's picture

You can configure it on the SEPM so it ll be applicable for all the clients which has that policy. 

 

Creating exceptions for Antivirus and Antispyware scans

    • Note: Security Risk Exceptions are global, and apply to all Scheduled Scans as well as real-time Auto-Protect.
    1. Log into the SEPM and click Policies.
    2. Under Policies click Exceptions.
    3. Under Tasks click Add an Exceptions policy. This will create and open a new Centralized Exceptions Policy.
    4. In the left pane, click Exceptions policy and select Edit the policy under Tasks.
    5. In the policy, select Exceptions.
    6. Click the Add button to open a drop-down menu. Move the cursor over Windows Exceptions to open a second drop-down menu.
    7. Select  File.
    8. Note: if you are unsure about what type of exception to make please see the chapter entitled "Configuring Centralized Exceptions Policies" in the pdf "Administration Guide for Symantec™ Endpoint Protection and Symantec Network Access Control".
    9. Enter the appropriate information for the item to be excluded. For Extensions, File, and Folder exclusions, specify the type of scans that will be excluded from the drop down menu or menus.
    10. (Optional) Repeat steps 6 through 8 to add any other Security Risk Exceptions to the policy.
    11. Click OK.
    12. Assign the policy to a group within the SEPM.

Reference:

 

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 12.1

http://www.symantec.com/docs/TECH183201

 

Hope this helps.........

 

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

John Santana's picture

Cool, thanks guys for the explanation and the updates.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Mohan Babu's picture

Welcome always

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)