search cancel

Creating an application exception in the manager


Article ID: 180778


Updated On:


Endpoint Protection


 From the Symantec Endpoint Protection Manager (SEPM), you'd like to exclude a specific application by its hash to prevent the Symantec Endpoint Protection (SEP) client from scanning it or detecting on it.


The following instructions will prevent a particular application from being scanned or detected by SEP. This process is done in two steps. First, a SEP client must "learn" the application (find its "fingerprint", also known as a hash), then secondly, the application must be excluded from scanning, using that fingerprint.

Forcing SEP to Learn an Application

This can be done in two different ways:

  1. If you know the name of the application you would like to learn, you can configure SEP clients to monitor that application and learn its fingerprint.
    See Application to Monitor
  2. If you do not know the name of the application and would like to monitor all applications on a client(s), you can configure SEP clients to monitor all applications and learn their fingerprints. This should only be done on a small subset of clients and only temporarily otherwise the list can get very large, very quickly.
    See Collecting information about the applications that endpoints run

Creating an Exception for an Application

  1. Login to the Symantec Endpoint Protection Manager (SEPM) and go to the Policies page.
  2. On the Exceptions Policy page, click Exceptions.
  3. Click Add > Windows Exceptions > Application.
  4. In the View drop-down list, select All, Watched Applications, or User-allowed Applications.
  5. Select the applications for which you want to create an exception.
  6. In the Action drop-down box, select Ignore, or Log only.
  7. Click OK.

Additional Information