Endpoint Protection

 View Only
  • 1.  Tamper protection exception based on file fingerprint??

    Posted Aug 23, 2011 08:31 AM

    Is it possible to do this??

    I got rid of tamper protection notifications by excluding the actual drwtsn32.exe file, but I've read that excluding or checking the file's fingerprint is better since malware could change the file or filename of drwtsn32.exe.

    Is creating exceptions according to file fingerprint documented anywhere for SEP 12.x??

    Thank you, Tom



  • 2.  RE: Tamper protection exception based on file fingerprint??

    Trusted Advisor
    Posted Aug 23, 2011 08:40 AM

    Hello,

    Creating a Tamper Protection Exception specifically with File fingerprint is not possible.

    However, there are other exceptions, which could be created with help of File fingerprint

    Check this Article for SEP 12.1:

    Creating exceptions for Symantec Endpoint Protection

    Hope this Helps!!



  • 3.  RE: Tamper protection exception based on file fingerprint??

    Posted Aug 23, 2011 08:57 AM

    You can only do it with system lockdown or using an application control policy.

    There is no way to add a tamper protection exception based on the fingerprint.