Video Screencast Help
Search Video Help Close Back
to help
Not able to make it to Vision this year? Get a sampling in the Best of Vision on Demand group.

Process Exceptions

Created: 13 Jul 2009 | 5 comments
PhilUT's picture
PhilUT
3 Agree
1 Disagree
+2 4 Votes
Login to vote

Much like the competition does, it would be good to have Process Exceptions that would say SQLSERVER.EXE is safe, don't touch it or any of the files it touches.

Idea Filed Under:
, ,

Comments

Jeremy Dundon's picture
24
Jul
2009
1 Vote +1
Login to vote
Jeremy Dundon
Symantec Employee
Accredited

This already exists

There is a Centralized Exceptions policy in the SEPM for exactly this purpose.

PhilUT's picture
02
Sep
2009
0 Votes 0
Login to vote
PhilUT

Not according to support...

Centralized Exceptions for processes are only for truscan, not AntiVirus, which will also glom onto any process and see what files it is touching.

Jeremy Dundon's picture
02
Sep
2009
1 Vote +1
Login to vote
Jeremy Dundon
Symantec Employee
Accredited

partially correct

You can make single file exceptions for AntiVirus that stop the AntiVirus from scanning a specific file, but you must include the full path for that file (though you can use system variables).

pebcak's picture
14
Feb
2011
0 Votes 0
Login to vote
pebcak
Accredited

The concept of trusting a

The concept of trusting a process and anything it touches rings true with McAfee customers.  That functionality exists in such a fashion.  Ignore the process and anything it touches is much needed.

Senior Consultant @ Creative Breakthroughs, Inc. a Symantec Platinum Partner

http://www.cbihome.com/

Jeremy Dundon's picture
14
Feb
2011
0 Votes 0
Login to vote
Jeremy Dundon
Symantec Employee
Accredited

"and anything it touches"

"and anything it touches" leaves you very vulnerable to dll injection type attacks.

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
269,993