Endpoint Protection

 View Only

  • 1.  Symantec products need a better way to handle cookies.

    Posted Jun 10, 2009 06:44 PM

    Is there a way to force Symantec products to ignore certain cookies during a scan?  I've noticed that in both Norton Internet Security 2009 and Symantec Endpoint Protection 11, these products want to handle cookies in two ways:  delete all cookies or ignore all cookies.  There is no option to delete or retain specific cookies.

    Does Symantec not understand that there are certain cookies that are actually useful and do not contain personally identifiable information?

    For example, I use tvguide.com's online schedule.  It uses a cookie to maintain certain configuration setttings.  The most sensitive thing it collects is a ZIP code so that it can set up your local channel lineup.  Why should this cookie be treated as a security risk?  Also, there are some sites I visit that always require you to log in.  They use cookies to store your username and password so that you don't have to input it every time.  I don't care if anyone accesses these cookies.  Why can't Symantec let me decide if these cookies are a security risk?

    Please, Symantec, add the option to mark certain cookies as safe or find some other way to easily manage cookies. 



  • 2.  RE: Symantec products need a better way to handle cookies.

    Posted Jun 10, 2009 06:53 PM
    In SEP, you can make "tracking cookie" a centralized exception and set it to ignore it.
    It would be nice to have exceptions made per site.

    Add it as an idea using the ideas tab.


  • 3.  RE: Symantec products need a better way to handle cookies.

    Posted Jun 11, 2009 03:28 AM
    Keep it in Centralized exception list


  • 4.  RE: Symantec products need a better way to handle cookies.

    Posted Jun 11, 2009 12:22 PM
    Using the Centralized Exceptions list is pointless.  You are forced to create an exception for all tracking cookies.  You cannot specify cookies from specific sites.  I even tried to create an exception for the specific cookie file but it appears that you can't even do that.  Unless I'm missing something, SEP will only allow you to create an exception for the entire "Temporary Internet Files" folder.


  • 5.  RE: Symantec products need a better way to handle cookies.

    Posted Jan 12, 2010 05:46 AM
    Centralized is fine for NMCI or a Corporate Managed. But, it **MUST** have better options for Client Managed.

    Right not it is wiping both my Banking ID's and my TV Guide both of which I use at home extensively.

    I want to keep Active Scan Enabled... And, I want it to find stuff cCleaner may have missed or if I haven't run cCleaner got there in thre interim.

    Mike Sr.