Cb Defense: Digital Guardian Exclusions
search cancel

Cb Defense: Digital Guardian Exclusions

book

Article ID: 288589

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

To avoid potential interop issues, Digital Guardian recommends the following exclusions be created for the Digital Guardian Agent
 

Environment

  • Cb Defense Sensor: All Supported Versions
  • Microsoft Windows: All Supported Versions
  • MacOS: All Supported Versions
  • Digital Guardian Agent: 7.x 

Resolution

In the Cb Defense console create or add the following exclusions to a permission bypass rule within your policies

Windows:
  • Folder level exclusions:
    • %programfiles%\dgagent\ = C:\Program Files\DGAgent
    • %SYSTEMROOT%\Temp\acit\ = C:\Windows\TEMP\acit
  • File level exclusions:
    • C:\windows\system32\dgapi.dll
    • C:\windows\system32\dgapi64.dll
    • C:\windows\system32\DGShlExt.dll
    • C:\Windows\SysWOW64\DgApi.dll
    • C:\Windows\SysWOW64\DgDecrypt.exe
    • C:\Program Files\DGAgent\DgUpdate.exe
    • C:\Program Files\DGAgent\DgWip.exe
  • Driver exclusions:
    • C:\WINDOWS\system32\drivers\dgdmk.sys
    • C:\WINDOWS\system32\drivers\DgDmkDisk.sys
    • C:\WINDOWS\system32\drivers\dgfs.sys
    • C:\WINDOWS\system32\drivers\dglfs.sys
    • C:\WINDOWS\system32\drivers\DGMaster.sys
MacOSX:
  • Folder level exclusions:
    • /dgagent/*.*

Additional Information

Guidance provided by Digital Guardian in document: Security Application Exclusions Version 5.7 released on 08/25/2018
Powered by Wolken Software