The following instructions will prevent a particular application from being scanned or detected by SEP. This process is done in two steps. First, a SEP client must "learn" the application (find its "fingerprint", also known as a hash), then secondly, the application must be excluded from scanning, using that fingerprint.
Forcing SEP to Learn an Application
This can be done in two different ways:
- If you know the name of the application you would like to learn, you can configure SEP clients to monitor that application and learn its fingerprint.
See Application to Monitor
- If you do not know the name of the application and would like to monitor all applications on a client(s), you can configure SEP clients to monitor all applications and learn their fingerprints. This should only be done on a small subset of clients and only temporarily otherwise the list can get very large, very quickly.
See Collecting information about the applications that endpoints run
Creating an Exception for an Application
- Login to the Symantec Endpoint Protection Manager (SEPM) and go to the Policies page.
- On the Exceptions Policy page, click Exceptions.
- Click Add > Windows Exceptions > Application.
- In the View drop-down list, select All, Watched Applications, or User-allowed Applications.
- Select the applications for which you want to create an exception.
- In the Action drop-down box, select Ignore, or Log only.
- Click OK.