Endpoint Protection

 View Only

  • 1.  Exluding specific folder from SEP scan

    Posted Aug 03, 2015 08:20 AM

    Hello,

    I have SEPM 12.1.5 with 300 SEP clients on several locations.

    I need to exclude from schedule scan "users desktop" and "users documents" folders for all workstation in a specify group.

    I see "Centralized Exception" solution but i read on symantec forum :

    The SEP client does not support the use of UNC paths in exceptions.

    I found two prefix : COMMONDESKTOP_DIRECTORY and COMMON_DOCUMENTS.

    Someone has already use them ?

     

    Are there other solutions ?

    Thanks.

     

    Sébastien

     



  • 2.  RE: Exluding specific folder from SEP scan

    Posted Aug 03, 2015 08:22 AM

    Not possible, they needed to be added for each individual user. This has been a limitation in SEP since the beginning but it is what it is at this point.

    Many have asked for this as well but it has not yet been implemented.



  • 3.  RE: Exluding specific folder from SEP scan

    Posted Aug 03, 2015 08:27 AM

    Hi, as Brian said. Its not possible. See below:

    Which variables and wildcards does Endpoint Protection allow in Centralized Exception Policies? http://www.symantec.com/docs/TECH106068

    Regards,



  • 4.  RE: Exluding specific folder from SEP scan

    Posted Aug 03, 2015 08:31 AM

    Same here for some time now. Really wish this was possible. It would save a ton of time as I have to go through and add manually for each.



  • 5.  RE: Exluding specific folder from SEP scan

    Posted Aug 03, 2015 09:10 AM

    I'd agree with you about the time you 'd save creating those exception. From a security view, that's not safe to exclude a user desktop/documents from being scanned. Usually users saves the bad guys on those ones. One of the reasons for not allowing those is related to performance issues. Check about the Accepted and predefined Prefix variables inside the SEPM Exceptions policy.

     

    Regards,



  • 6.  RE: Exluding specific folder from SEP scan

    Posted Aug 03, 2015 09:12 AM

    True but it should be up to admin's discretion.



  • 7.  RE: Exluding specific folder from SEP scan

    Broadcom Employee
    Posted Aug 03, 2015 10:09 AM

    Hi,

    Thank you for posting in Symantec community.

    It is not possible to setup a custom scan through the Antivirus and Antispyware Policy in SEP Manager Console that will scan only one single folder as it offers only a common system locations.
    It is possible to setup a custom scan that will scan one single folder only locally, on client machine through the SEP graphic user interface (GUI).
     
    1. Open SEP client GUI,
    2. Click on “Scan for threats”,
    3. Click on “Create a New Scan”,
    4. Check “Custom Scan” radio button and click “Next”,
    5. Browse to folder you would like to be scanned and select it,
    6. Click “Next”,
    7. On the “Scan Options” window  if needed choose additional scan options  and click “Next”
    (Note. If a memory scan is not needed, deselect Scan Enhancement options),
    8. On the “When to Scan” window choose how and when scan should be triggered and click “Next”,
    9. If on previous window  “At specified times” option will be selected, setup a schedule for the scan and  click “Next”,
    10. On the “Scan Name” window in the “Scan Name” field write name for the scan and click “Finish”.
     
    This apply for both self-managed and managed SEP clients.
     
    This article can be a reference guide with screenhots: http://www.symantec.com/docs/TECH96071