To prevent unnecessary scanning and analysis on files for which your organization has identified a reputation, you can add a SHA1 hash to Content Analysis with the manual Whitelist/Blacklist configuration page. This service requires no additional subscription license; it is included with the base license for the appliance.
During file processing, Content Analysis will check these lists before reaching out to the cloud-based File Reputation service. Unlike the cloud service, the manual whitelist/blacklist configuration results in either an allow or deny, with no further analysis. If the hash exists in either list, the file will either be permitted without further analysis (whitelist) or denied without further processing (blacklist).
Tip: To report false positives go to this link: https://symsubmit.symantec.com
Tip: This feature is based on the SHA1 hash of files. You can use your favorite third party tools (web-based and offline) to generate a SHA1 hash to use in your whitelist/blacklist configuration.
If you're not sure if the file you're looking to block or allow has been added to Content Analysis before, you can search each reputation list.
Paste the SHA1 hash for a file in the Search for Hash field in either the whitelist or blacklist. Click Search.
If you know that the a hash does not exist in the file reputation list you are working with, you can add it.
Paste the SHA1 hash for a file to either Add Hash to Blacklist or Add Hash to Whitelist fields, depending on whether you would like to block or allow user access to this file in future download attempts.
Whenever you make changes to either hash reputation list, it's a good idea to back up that list. Perform that backup with Export.
You are prompted to save a CSV file containing your hash reputation list. The CSV file is named either blacklist or whitelist, followed by the date (for example, blacklist_2015-12-01.csv).
If you have a file reputation list that you have previously saved, you can import it into Content Analysis.
You are prompted to browse for a CSV. Locate the desired file and click Open. When the upload is complete, the browser displays a confirmation dialog.