Endpoint Protection

 View Only

  • 1.  Creates exception on a folder but allow the rest of the files to be scanned ?

    Posted Mar 13, 2013 07:38 PM

    Hi,

    Is it possible with SEP exception policy to do the following:

    Create the exception not to scan binaries of an applications in C:\App1, but then any files that is created new in that directory is scanned apart from those binaries that I listed in the exception ?

    WHere shall I configure that ? in the SEPm console or in the SEP client ?

     



  • 2.  RE: Creates exception on a folder but allow the rest of the files to be scanned ?
    Best Answer

    Posted Mar 13, 2013 07:44 PM

    If you exclude a folder, the entire folder will be exempt from scanning. It is all or nothing, you would need to exclude the entire folder.

    If you want to exclude certain binaries, you would need to add them individually to the exception policy.

    There is no option to scan only newly added binaries.



  • 3.  RE: Creates exception on a folder but allow the rest of the files to be scanned ?

    Posted Mar 13, 2013 09:36 PM

    You can configure it on the SEPM so it ll be applicable for all the clients which has that policy. 

     

    Creating exceptions for Antivirus and Antispyware scans

      • Note: Security Risk Exceptions are global, and apply to all Scheduled Scans as well as real-time Auto-Protect.
      1. Log into the SEPM and click Policies.
      2. Under Policies click Exceptions.
      3. Under Tasks click Add an Exceptions policy. This will create and open a new Centralized Exceptions Policy.
      4. In the left pane, click Exceptions policy and select Edit the policy under Tasks.
      5. In the policy, select Exceptions.
      6. Click the Add button to open a drop-down menu. Move the cursor over Windows Exceptions to open a second drop-down menu.
      7. Select  File.
      8. Note: if you are unsure about what type of exception to make please see the chapter entitled "Configuring Centralized Exceptions Policies" in the pdf "Administration Guide for Symantec™ Endpoint Protection and Symantec Network Access Control".
      9. Enter the appropriate information for the item to be excluded. For Extensions, File, and Folder exclusions, specify the type of scans that will be excluded from the drop down menu or menus.
      10. (Optional) Repeat steps 6 through 8 to add any other Security Risk Exceptions to the policy.
      11. Click OK.
      12. Assign the policy to a group within the SEPM.

    Reference:

     

    Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 12.1

    http://www.symantec.com/docs/TECH183201

     

    Hope this helps.........

     



  • 4.  RE: Creates exception on a folder but allow the rest of the files to be scanned ?

    Posted Mar 19, 2013 01:04 AM

    Cool, thanks guys for the explanation and the updates.



  • 5.  RE: Creates exception on a folder but allow the rest of the files to be scanned ?

    Posted Mar 19, 2013 04:17 PM

    Welcome always