Exlusion of some DB files from Scanning using centralized policy Exceptions - Not working
Created: 04 Aug 2010 | 7 comments
Exlusion of some DB files from Scanning using centralized policy Exceptions doesnt seems to be working in my case.
I have created a centralized policy of this type and created a group and assign the policy.
Exception Details
Exception Item: ndf, ldf, mdf
Exception type: Security Risk Extensions
Action: Ignore
However it doesnt work. I did verify in two target machines using the following and values are not there! Any idea, do I need to reinstall the client???
https://www-secure.symantec.com/connect/articles/centralized-exceptions-policies-why-use-them-and-how-configure-them
HKEY_LOCAL_MACHINE\SOFTWARE\SYMANTEC\SYMANTECENDDPOINT PROTECTION\AV\EXCLUSIONS
How to log all files and directories scanned during On-Demand / Scheduled Scan with Symantec Endpoint Protection 11.0
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/eef30eaaef13981d802573b5005051f7?OpenDocument
Discussion Filed Under:
Comments
Get the vpdebug log from the server and you can verify that.
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/ffc86f19625edf8d8825739500054b9f?OpenDocument
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
Enter subject (optional)
Can you provide us a screen shot of the exceptions you created.also assure that you are assigned centralized exception policy to the group which is client is present and the client is received that policy(You can use policy sl. no for finding this)
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Please find attached screen shot requested.
I can confirm that Policy is assign to target group. and that target clients are inside the group.
Also, I refresh update the policy just to be sure. I just enabled logging (ALL) and trigger the Scan from the SEP mgmt console. Waiting for a while just to collect some logs.
tks,
No joy, after checking the result of the logs, I can confirm that exclusions doesnt work.
anybody who has more idea?
In the client go to help and support-->troubleshooting and you can find out the policy sl. no.Match it with the policy sl. no in the SEPM(Clients---><<<corresponding group which the client sits>>-->details)
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Try creating local Client Side Exclusions
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Hi
Try this one
if you are using old SEPM and client SEP version then upgrade to latest version.
then check from both side are they getting right policy.
http://service1.symantec.com/support/ent-security....
Viewing the policy serial number
You should check the policy serial number on the client to see if it matches the serial number that appears in the management console. If the client communicates-
-
-
-
On the client computer, in the client user interface, click on the Help and Support button, select Troubleshooting.
-
In the Management section, look at the policy serial number.
with the management server and receives regular policy updates, the serial numbers should match.
If the policy serial numbers do not match, you can try to manually update the policies on the client computer and check the troubleshooting logs.
To view the policy serial number in the management console
1. In the management console, click Clients.
2. Under "View Clients", select the relevant group, and then select the Details tab.
The policy serial number and the policy date appear at the bottom of the details list.
To view the policy serial number on the client
The serial number should match the serial number of the policy that the management server pushes to the client.
Would you like to reply?
Login or Register to post your comment.