ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
How to Exclude / Whitelist URL in Symantec Data Loss Prevention
Article ID: 171330
Updated On:
Products
Data Loss Prevention Enforce
Data Loss Prevention
Data Loss Prevention Endpoint Prevent
Issue/Introduction
Customer would like to exclude URL from inspection/scan.
Resolution
This can be done multiple ways
- Via Policy
- Via Protocol
- Via Agent Configuration
Via Policy
- Under Policies in the Enforce UI, click on the Policy you want to modify
- Click Add Exception
- Set the exclusion to Identity > Recipient Matches Pattern
- Click 'Next'
- In the URL Domain field add the domain you want to exclude; for the domain (example yahoo.com or mail.yahoo.com)
Via Protocol
- Click System > Setting > Protocol
- Select protocol ex: HTTP drop down
- Click Filtering header
- Use the Minus Sign for exclusions
- -symantec.com to exclude scanning symantec.com
Via Agent Configuration
- Click System > Setting > Agent Configuration
- Select configuration
- Scroll down to Filter by Network Properties
- Use the Minus Sign for exclusions
- -symantec.com to exclude scanning symantec.com | Wild cards can also be used to assist with redirects such as -*.symantec.com*
Additional Information
Frequently we are presented with exclusions not working when attempting to use <-abc.com/mydirectory>
Subdirectory functionality is not allowed and will not work.
You cannot add subdirectories to the domain, you can only exclude the domain itself.
Allowed
+-abc.com
+-www.abc.com
Not allowed
+-abc.com/anythingelse
+-www.abc.com/subdirectory
Feature requests have been provided for this functionality and were denied as the computational power required to provide this functionality is too great to be practical at this time.
Feedback
Yes
No
Powered by
