Workstation Exceptions
Created: 29 Oct 2012 | 7 comments
Hi, is there a way to see what are the exceptions from the workstation that users have enabled? Thanks
Discussion Filed Under:
Hi, is there a way to see what are the exceptions from the workstation that users have enabled? Thanks
Comments 7 Comments • Jump to latest comment
See this thread:
https://www-secure.symantec.com/connect/forums/how-confirm-centralized-exceptions-are-working-client
And this KB article
How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory
http://www.symantec.com/business/support/index?page=content&id=TECH105814
SEP Knowledge Base
Endpoint SWAT
Hello,
You as an Administrator can create different types of exceptions for Symantec Endpoint Protection.
Any exception that you as an Administrator create takes precedence over any exception that a user might define. On client computers, users cannot view the exceptions that you create. A user can view only the exceptions that the user creates.
See Managing exceptions for Symantec Endpoint Protection
See Creating exceptions from log events in Symantec Endpoint Protection Manager
Reference: http://www.symantec.com/docs/HOWTO55204
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Hi,
Following article will help you to find out automatic and policy based exclusion
How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory
http://www.symantec.com/business/support/index?page=content&id=TECH105814
As per your comment it seems that you are interested to know what exclusion end user has created?
You want to check it through SEPM console?
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Thank for your reply!
Yes, I want to check the exclusions from the SEPM console if it's possible. I've see the article http://www.symantec.com/business/support/index?page=content&id=TECH105814 but it would be better to have a report. Thanks
Lorenzo
There is no such report in SEPM. Perhaps you can add as an Idea.
SEP Knowledge Base
Endpoint SWAT
Hi,
Unless you will provide an access clients can not create an centralized exception.
However at this point there is not any report you can refer to find out AV exclusions specifically created by end user with machine details.
However idea can be raised as Brian said.
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Agree with above comments. In our environmet we disabled the option of adding exlusion by the clients. We exclude the files and folders only through SEPM.
To answer your question you can check the registry keys on the client machine for the user defined exceptions.
Go to this key, HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions and under that key check for client.
Would you like to reply?
Login or Register to post your comment.