Endpoint Protection

 View Only
  • 1.  Question about exempting folders from scanning

    Posted Aug 28, 2014 10:27 AM

    Hi,

    Sorry for the newbie question, but I have PBX servers that are very latency sensitive. The vendor had us exempt a bunch of folders from active scanning, which is fine.  My question is, does this affect full scans that I would do over the weekend at night? Will the exemptions that are in place on the server keep the full scan from scanning those folders?

    Thanks,

    Larry



  • 2.  RE: Question about exempting folders from scanning

    Posted Aug 28, 2014 10:30 AM

    Yes, they will be skipped (not scanned) for the full scan, just make sure you select for all scans:

    Untitled_12.jpg

    And apply the policy to your group

    You can verify in the registry that the exclusion is in place:

    How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory



  • 3.  RE: Question about exempting folders from scanning

    Posted Aug 28, 2014 10:53 AM

    Ok, I'm a little closer... Maybe I should clarify. I want the folders exempted from real-time scanning during business hours, but I want to be able to do a comprehensive scan at night that includes the entire server, even those folders excluded from real-time scanning. Is that possible? I ask because we don't have an SEP expert on board, and as this directly affects my near-and-dear PBX servers, I want to understand my limitations. We put exemptions in place to facilitate day-to-day operation, but I really need to do an occasional FULL scan to make myself secure, and I'm not sure if I can have both.

    Thanks!

    Larry

    P.S. Someone else here manages the SEP system, so I am kind of in-the-middle in this converstaion, I am not allowed to interact with it directly, so I did not set up the exclusions myself, just requested tehm, so I am not fluent with the interface at all. Though I appreciate the snapshot!



  • 4.  RE: Question about exempting folders from scanning

    Posted Aug 28, 2014 10:58 AM

    Yea that wouldn't be possible, sorry



  • 5.  RE: Question about exempting folders from scanning

    Posted Aug 28, 2014 10:59 AM

    Not possible, once excluded they are excluded from all kind of scans

    Creating exceptions for Symantec Endpoint Protection

    http://www.symantec.com/business/support/index?page=content&id=HOWTO80919#v39814459



  • 6.  RE: Question about exempting folders from scanning

    Posted Aug 28, 2014 12:48 PM

    I want the folders exempted from real-time scanning during business hours, but I want to be able to do a comprehensive scan at night that includes the entire server, even those folders excluded from real-time scanning.

    Well, it's not exactly possible because you cannot schedule real-time scanning (Auto-Protect). You can only turn it on or off. However, it's possible to generally exclude a folder from Auto-Protect scans while scheduled scans are still working on it. To do this, exclude the folder scans only for Auto-Protect in your exception policy:

    folder01.jpg

    "Security Risk" means conventional antivirus scanning in this context.

    And in your Virus and Spyware Protection policy, you need to create an appropriate scheduled scan. It should not be touched by the setting above and will scan the C:\MyFolder folder.

    P.S.: I am aware of the fact that you are not in direct touch with the SEPM GUI, but the snapshot may help to understand what I mean smiley