Endpoint Protection

 View Only

  • 1.  Exclusion for Zenworks - Looking for input

    Posted Apr 15, 2013 11:59 AM

    Good Morning All,

     

    I am wondering if anyone else out there is running Zenworks in their environment and using it to deploy SEP.  I have a couple of questions regarding how others have set-up their environment.

     

    1. EXCLUSIONS: How did you go about setting up exclusions for Zenworks?  I used the following document from Novell and had some questions about how to set-up some of the exclusions.

     

    http://www.novell.com/support/kb/doc.php?id=7007545

     

         a. How do you set-up a file exclusion for something like this?  %ZENWORKS_HOME%\esm\*.*  I excluded the entire folder from being scanned.

         b. Any suggestions for setting up an exclusion for the following "%ZENWORKS_HOME%\cache\zmd\*.appstate"? I excluded the file type ".appstate", is this a bad idea?

         c. For excluding the following file types "%ZENWORKS_HOME%\bin\analyze.exe" I created an Application monitor to log.  Would this be the correct route to go, or should I set-up a file exclusion for specific applications?

     

    2. We are having an issue when deploying SEP.  Apparently there is a Dynamic Admin that is used by Novell to install SEP.  Post install, there is an Error Message stating that a .vbs script could not run.  I assume this is an error because of SEP and the dynamic admin account that runs to do the installation.  I want to supress this error, has anyone else seen this with Zenworks?

     

    We are running Zenwork 11.2.2 and SEP 12.1.2100.2093. 

     

    Joe

     



  • 2.  RE: Exclusion for Zenworks - Looking for input

    Trusted Advisor
    Posted Apr 15, 2013 01:24 PM

    Hello,

       a. How do you set-up a file exclusion for something like this?  %ZENWORKS_HOME%\esm\*.*  I excluded the entire folder from being scanned.

    Sounds good.

         b. Any suggestions for setting up an exclusion for the following "%ZENWORKS_HOME%\cache\zmd\*.appstate"? I excluded the file type ".appstate", is this a bad idea?

    I am not sure if that is a great idea.

         c. For excluding the following file types "%ZENWORKS_HOME%\bin\analyze.exe" I created an Application monitor to log.  Would this be the correct route to go, or should I set-up a file exclusion for specific applications?

    It is suggested to create an "Monitor an application to create an exception for the application"

    Check these Articles:

    Applying a rule to specific applications and excluding applications from a rule

    http://www.symantec.com/docs/HOWTO80722

    Creating exceptions for Symantec Endpoint Protection

    http://www.symantec.com/docs/HOWTO80919

    Secondly, Check these Links:

    Symantec Anti Virus exclusions for ZENworks 10 or 11"   

    http://www.novell.com/support/kb/doc.php?id=7008069

    "Recommended ZCM Anti-Virus Exclusions"    

    http://www.novell.com/support/kb/doc.php?id=7007545

    Hope that helps!!