Endpoint Protection

We have been having trouble with SONAR quaranting our internal application. Our application is stored at %LocalAppData%\Company. Our network admin didn't think you could use enviroment variables to setup folder rules but it looks like you can now:
https://www.symantec.com/business/support/index?page=content&id=TECH92440

He is still unsure how to do it. I was playing around with my local SEP client (I don't know what the management piece looks like) and when i try to add a SONAR folder exception i just get a "browse for folder" dialog. I can't just type the path in.

Can anyone help providing some instructions? We are using SEP 12.1.

thanks,

Ncage

FYI:

Adding each user directory (which will be different for every user) is way to much work and something our network admins are unwilling to do. If for some reason we can't exclude a folder under %localappdata% if we can set an exclusion by file name (just as long as it doesn't make you specify a path) would probably work

Hi Ncage,

Here are some documents that describe what it is possible to do, and also hwo you can prevent these detections:

Exclusion Guidelines for Symantec Endpoint Protection 12.1
Article: TECH171061   |  Created: 2011-10-04   |  Updated: 2011-10-04   | 
Article URL http://www.symantec.com/docs/TECH171061 
 

Handling and preventing SONAR false positive detections
Article: HOWTO55273   |  Created: 2011-06-29   |  Updated: 2011-12-17   | 
Article URL http://www.symantec.com/docs/HOWTO55273

Symantec Endpoint Protection 12.1 SONAR - Proactive Threat Protection or Download Insight False Positive Corrections
Article: TECH168849   |  Created: 2011-09-05   |  Updated: 2011-12-13   | 
Article URL http://www.symantec.com/docs/TECH168849

The best advice, in a nutshell: digitally sign that application!

Hope this helps!