Endpoint Protection

 View Only

  • 1.  Client Exclusions - Best Practice for Windows XP and Windows 7 (and maybe servers)

    Posted Dec 02, 2009 05:20 AM
    Hello everyone,

    i have some problems with some of my clients and i'm curious about your exclusion settings.
    We had some terrible blue screens (with no more booting windows) in the last couple month and we don't know which program messes around with the OS install.

    In worst case we think that all single security and maintainance programs have to do with it:
    O&O Defrag 10 with "OneButtonDefrag" activated
    Sophos/Utimaco Safeguard Enterprise
    and SEP 11 MR4

    I came across an article of a blogger named Daniel Melanchthon which recommends some exceptions:
    This one is in german:
    http://blogs.technet.com/dmelanchthon/archive/2009/11/13/was-virenscanner-nicht-scannen-sollten.aspx

    But it also has 2 english articles linked:
    http://support.microsoft.com/kb/822158/en-us
    http://support.microsoft.com/kb/943556/en-us

    Does SEP already have some included exceptions ?
    And why is it so difficult to except single filenames? When i'd follow all these instructions this would be a never ending list and much work. So is there an exception list that follows all the Microsoft rules and is ready for import ?

    Greets
    Stephan


  • 2.  RE: Client Exclusions - Best Practice for Windows XP and Windows 7 (and maybe servers)
    Best Answer

    Posted Dec 02, 2009 05:27 AM
    Exclusion policies are there but its only for servers there is no recommended exclusion for clients ( xp,vista, win7 )

    here you can find the policies
    http://www.symantec.com/business/support/endpointsecurity/migrate/SEP_SBS2003_BestPractice_PolicyFiles_MR2.zip


  • 3.  RE: Client Exclusions - Best Practice for Windows XP and Windows 7 (and maybe servers)

    Posted Dec 02, 2009 05:35 AM

    Title: 'How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory'
    Document ID: 2008090512574448
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008090512574448?Open&seg=ent


  • 4.  RE: Client Exclusions - Best Practice for Windows XP and Windows 7 (and maybe servers)

    Posted Dec 02, 2009 06:08 AM
    Below doc will help you in creating exceptions
    Creating Centralized Exception policies in Symantec Endpoint Protection Manager. 


  • 5.  RE: Client Exclusions - Best Practice for Windows XP and Windows 7 (and maybe servers)

    Posted Dec 02, 2009 12:01 PM

    Thanks for your respones. I will tryout to import and thes the BestPractice Files.

    Also great tip with the automated exclusions.

    I already know how to add them. But for single files it's much work. Tomorrow i will post an idea how i think it should work :)

    I think they should be selectable from the policy editor and then you can add them (maybe with recognition of "windows paths")

    Have a nice evening

     

    Greets from Germany

    Stephan