search cancel

Exchange Exception on Mounted Volume Not working with Symantec Endpoint Protection Anti-virus

book

Article ID: 241050

calendar_today

Updated On:

Products

Protection Suite Enterprise Edition Endpoint Protection

Issue/Introduction

After implementing the appropriate exceptions for the mounted volumes on exchange servers and testing to ensure the files and folder locations are excluded, users still see AV blocking. 

Cause

Symantec Endpoint Protection (SEP) has a limitation on scanning exception for mounted volumes. During tests on simple, "local volume only" machines, the exception works as expected.

Environment

SEP 14.3 RU3

Resolution

When running an automated script for eicar.org testing or during a manual scan, run the test on SEP clients devoid of mounted volumes or within a local drive on the SEP client itself. When using a script to run the test where the test fails, try running the test manually instead, either through downloading the eicar file or pasting in the eicar string and saving the file as a text file in the directory listed in the exceptions policy.

Additional Information

JIRA SEP-65190