Hi, is there a way to see what are the exceptions from the workstation that users have enabled? Thanks
See this thread:
And this KB article
Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.
You as an Administrator can create different types of exceptions for Symantec Endpoint Protection.
Any exception that you as an Administrator create takes precedence over any exception that a user might define. On client computers, users cannot view the exceptions that you create. A user can view only the exceptions that the user creates.
See Managing exceptions for Symantec Endpoint Protection
See Creating exceptions from log events in Symantec Endpoint Protection Manager
Associate Security Architect
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3
Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.
Following article will help you to find out automatic and policy based exclusion
How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory
As per your comment it seems that you are interested to know what exclusion end user has created?
You want to check it through SEPM console?
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<
Thank for your reply!
Yes, I want to check the exclusions from the SEPM console if it's possible. I've see the article http://www.symantec.com/business/support/index?page=content&id=TECH105814 but it would be better to have a report. Thanks
There is no such report in SEPM. Perhaps you can add as an Idea.
Unless you will provide an access clients can not create an centralized exception.
However at this point there is not any report you can refer to find out AV exclusions specifically created by end user with machine details.
However idea can be raised as Brian said.
Agree with above comments. In our environmet we disabled the option of adding exlusion by the clients. We exclude the files and folders only through SEPM.
To answer your question you can check the registry keys on the client machine for the user defined exceptions.
Go to this key, HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions and under that key check for client.