Endpoint Protection

Good afternoon,

    Just looking to see if this is even an option or someything I can move to a good idea. Currently in our SEPM we have many exception groups that are created depending on individual application that the vendor requires them. From one standpoint it is convenient to have each group named by the application however, that means it is a pain to manage. So I am changing our groups to basically a standard SEP group, a group for exceptions, test group.....

    I would like to be able to annotate what application each exception is for for tracking and audit purposes. However, I do not see a descriptionspace available when I create the individual exceptions. Has any had a better way of doing this?

Currently on SEP 14.2.770 on Server 2016. Environment uses mix of OS

This option does not currently exist. You can create a product enhancement if you'd like but I've seen it asked about a few times.

This has been listed as an enhancement request for a very long time. Please vote for the idea here: https://www.symantec.com/connect/ideas/exception-list-should-contain-comment-field

While a bit of a pain to manage, I'd still think that specialisd exceptions policy is security beat practice.  A generic policy would mean a great deal of the exceptions would be aplied to machines that do not require them, and you're effectively putting blindspots into SEP where they are not needed.

I'm sure you've already considered this, but the only way comments for individual exceptions is required, is when you're bundling lods of exceptions together (again, not best practice.)  Perhaps this is why the IDEA has not been implemented (like you say, it's been around a while now)?