Endpoint Protection

 View Only

  • 1.  Use of Wildcards an Option?

    Posted Sep 02, 2009 05:35 AM
    Hey,

    We're having a problem with Adobe In-Design where when a user opens a file, File System Auto Protect is scanning it and causing the opening process to take a long time.

    I'm pretty certain this is being caused by the file being cached on the local machine in the local user's Application Data\Adobe folder and being scanned in there (Network drive scanning is off.)

    Is there a way for me to add a wildcard to SEP 11's Centralized Exceptions so that this folder is not scanned for all users (not the All Users folder,) so for example:

    C:\Documents & Settings\john.smith\Application Data\Adobe\

    C:\Documents & Settings\paul.jones\Application Data\Adobe\

    Both of these folders would not be scanned for viruses.

    In AD this would be done using C:\Documents & Settings\%username%\Application Data\Adobe, can SEP 11 do this?

    I've looked in the Centralized Exceptions and there is [COMMON_APPDATA] but I believe that only ignores All Users\Application Data, which is not what I need.

    We are running Symantec_Endpoint_Protection_11.0.4202_MR4_MP2.

    Thanks in advance.


  • 2.  RE: Use of Wildcards an Option?

    Posted Sep 02, 2009 06:00 AM
    You may try this option if this does not work , we shall procedure further.

    click on policies

    ---Antivirus and antispyware

    ---Select File system autoprotect

    --click Advanced scanning options

    --Check scan when file is modified ( checking scan when file is acccess or modified causes the slowness)

    apply this polices lets see if there is an improment.




  • 3.  RE: Use of Wildcards an Option?

    Posted Sep 02, 2009 06:01 AM
    its advanced scannign and monitoring



  • 4.  RE: Use of Wildcards an Option?

    Posted Sep 02, 2009 06:03 AM
    Hi Rafeeq,

    Thanks for the reply, but won't this affect every file that is accessed rather than just ignoring the folder?


  • 5.  RE: Use of Wildcards an Option?

    Posted Sep 02, 2009 06:05 AM
    Hello Brascatmalarky.
    I have similar problem in my company. We have desinators and they have a lots of folders. I did like this
    first exclude files extensions (it use like *.dpr) 
    second exclude folders like you said  (c:\program files\.... )
    i prefer extensions. because as you well know all viruses choice exe files or office files.
    Ps: this is only my idea. because i did like this.
    Thank you


  • 6.  RE: Use of Wildcards an Option?

    Posted Sep 02, 2009 06:17 AM
    this would affect all the files being accessed.

    what u said was correct when we are accessing, its scanning the cache and making it to open slower..

    when we uncheck this option , the file wil not be scanned when opened but if you make some change and close it..it wil be scanned and then saved.. autoprotect does that.


    like windows we cannot do it for users

    policies are applied for groups

    you can change the computer mode to user mode..apply this policy to only those users.

    create a new group . move affected computers to those group
    change them to user mode ( policies are applied to users only , not to computer ) 
    make this policy and apply...

    let me know if this works..