Endpoint Protection Small Business Edition

 View Only
Back to discussions
Expand all | Collapse all

SEP SBE Cloud Exclusions

  • 1.  SEP SBE Cloud Exclusions

    Posted Feb 10, 2015 02:30 PM

    I need to exclude a folder on each client workstation from being scanned by Symantec Endpoint Security Small Business Edition. The name of this folder is different on each computer.  I am using the cloud management portal.

    It appears that I have to create a Group and a specific Policy for each of the computers that I need to do this on. What I am trying to achieve is a group called"Monitored Employees" with specific client workstations being members of this group. For each client workstation, I need to exclude a sub-folder in the Windows directory that varies in name on each computer.

    Can I create a policy for each workstation but have them be members of the same group?

    What is the easiest way to do this?  I have tried everything but cant seem to get this to work.



  • 2.  RE: SEP SBE Cloud Exclusions

    Posted Feb 10, 2015 02:34 PM

    I believe only 1 policy per group. So you would need to add an exclusion for each workstation.



  • 3.  RE: SEP SBE Cloud Exclusions

    Posted Feb 10, 2015 02:45 PM

    Thanks for the quick response.  That just doesn't make sense.  I just switched from ESET Endpoint Protection where it was simple to exclude any folder, file, etc. on each individual client.  Now, using SEP SBE this simple task seems much harder.  Is there any way I can make an exclusion locally on the client instead of trying to push it from the clound management portal?  I'm still trying to learn my way around this software.  I am trying to avoid creating a group and a policy for each client.



  • 4.  RE: SEP SBE Cloud Exclusions

    Posted Feb 10, 2015 02:51 PM

    Thanks for the quick response.  It just doen't make sense to me that I have to create a group and a policy for each client workstation.  I just switched from another product where it was simple to exclude any folder, file, etc. from each workstation.  Is there a way to configure a folder exclusion locally on each client workstation rather than trying to push it from the cloud management portal?



  • 5.  RE: SEP SBE Cloud Exclusions

    Posted Feb 10, 2015 02:56 PM
      |   view attached

    You shouldn't have to create multiple policies. You can put all your exclusions in one policy and apply to the group of machines. Of course since this is a specific user directory, they won't all apply to each machine.

    Sadly, wildcards cannot be used in exceptions.

    Check out page 40 of the user guide

     

    Attachment(s)

    pdf
    SEP.cloud_AdministratorGuide_2.pdf   1.05 MB 1 version


  • 6.  RE: SEP SBE Cloud Exclusions

    Posted Feb 10, 2015 04:29 PM

    Thanks again for your help.  I read the document that you linked before I posted my original message but didn't understand how the exclusions get applied to an individual client. I guess it doesn't matter if there are exclusions for a directory that doesn't exist on a particular client computer. I'll give your recommendation a try and see if it works. 



  • 7.  RE: SEP SBE Cloud Exclusions

    Broadcom Employee
    Posted Feb 11, 2015 08:32 AM

    Hi,

    Thank you for posting in Symantec community.

    Q.Can I create a policy for each workstation but have them be members of the same group?

    --> I believe it's not possible through SEP.cloud portal.

    Symantec Small Business Edition .Cloud hosted portal allows the creation of the three types of exclusions. Sub folders are with different names then you will have to exclude parent folder.

    Folder Exclusions will make sure everything contained in the folder is not affected by scheduled scans, Sonar and auto-protect. This is especially useful for a database folder that has constant disk I/O.


    File Exclusions are useful when legitimate files are being detected as threats, or will need to be excluded from Sonar detection. Unlike folder exclusions which completely disregard the contents of a folder, excluded files are still accessed during scheduled scans for the purpose of determining their identity.


    Extension Exclusions are used to help prevent the quarantine of legitimate files and to also increase performance of software that may use proprietary file extensions. These exclusions are especially useful if these file types are sent over a local network.

    Reference: SEP SBE .Cloud: Creating Custom Exclusions

    http://www.symantec.com/docs/TECH214005

    However in this case you can manually create custom exclusions at end user machines. 

     



  • 8.  RE: SEP SBE Cloud Exclusions
    Best Answer

    Posted Feb 12, 2015 10:20 AM

    Brian's response is the correct solution - one policy, multiple folder entries.

    While Symantec offers several "predefined path variables" (as described in the Administrator Guide), you cannot use wildcards, nor can you use your own Windows Environment variables in these exclusions.

    Of course, I am curious: What di your systems administrator see fit to put into a C:\Windows\computer-name folder that you feel is necessary to exclude from scanning?



  • 9.  RE: SEP SBE Cloud Exclusions

    Posted Feb 12, 2015 10:33 AM

    Kahml,

     

    It is employee monitoring software and I do not have a choice where it gets installed.  I'd rather not put anything in the Windows directory but am not given an option for a different path.



  • 10.  RE: SEP SBE Cloud Exclusions

    Broadcom Employee
    Posted Feb 12, 2015 12:53 PM

    Apologize for the inconvenience. I would suggest to place a new enhancement request to achieve it through management console.

    https://www-secure.symantec.com/connect/node/add/idea

    Also I have sent PM to you to create manual exclusion at end user machine.



  • 11.  RE: SEP SBE Cloud Exclusions

    Broadcom Employee
    Posted Feb 23, 2015 05:00 AM

    Is there any update?

    OR

    If issue has been resolved could you mark this thread as a solved with the best answer that helps you :)