Endpoint Protection

 View Only

  • 1.  Workstation Exceptions

    Posted Oct 29, 2012 06:09 AM

    Hi, is there a way to see what are the exceptions from the workstation that users have enabled? Thanks



  • 2.  RE: Workstation Exceptions

    Posted Oct 29, 2012 06:23 AM

    See this thread:

    https://www-secure.symantec.com/connect/forums/how-confirm-centralized-exceptions-are-working-client

    And this KB article

     

    How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory

    http://www.symantec.com/business/support/index?page=content&id=TECH105814



  • 3.  RE: Workstation Exceptions

    Trusted Advisor
    Posted Oct 29, 2012 06:31 AM

    Hello,

    You as an Administrator can create different types of exceptions for Symantec Endpoint Protection.

    Any exception that you as an Administrator create takes precedence over any exception that a user might define. On client computers, users cannot view the exceptions that you create. A user can view only the exceptions that the user creates.

    See Managing exceptions for Symantec Endpoint Protection

    See Creating exceptions from log events in Symantec Endpoint Protection Manager

    Reference: http://www.symantec.com/docs/HOWTO55204

    Hope that helps!!


  • 4.  RE: Workstation Exceptions

    Broadcom Employee
    Posted Oct 29, 2012 06:41 AM

    Hi,

    Following article will help you to find out automatic and policy based exclusion

    How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory

    http://www.symantec.com/business/support/index?page=content&id=TECH105814

    As per your comment it seems that you are interested to know what exclusion end user has created? 

    You want to check it through SEPM console?



  • 5.  RE: Workstation Exceptions

    Posted Oct 29, 2012 06:53 AM

    Thank for your reply!

    Yes, I want to check the exclusions from the SEPM console if it's possible. I've see the article http://www.symantec.com/business/support/index?page=content&id=TECH105814 but it would be better to have a report. Thanks

     

    Lorenzo



  • 6.  RE: Workstation Exceptions

    Posted Oct 29, 2012 07:38 AM

    There is no such report in SEPM. Perhaps you can add as an Idea.



  • 7.  RE: Workstation Exceptions

    Broadcom Employee
    Posted Oct 29, 2012 07:56 AM

    Hi,

    Unless you will provide an access clients can not create an centralized exception.

    However at this point there is not any report you can refer to find out AV exclusions specifically created by end user with machine details.

    However idea can be raised as Brian said.

     



  • 8.  RE: Workstation Exceptions

    Posted Oct 29, 2012 07:57 AM

    Agree with above comments. In our environmet we disabled the option of adding exlusion by the clients. We exclude the files and folders only through SEPM.

    To answer your question you can check the registry keys on the client machine for the user defined exceptions.

    Go to this key, HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions and under that key check for client.