search cancel

Creating Exceptions Policies in the Endpoint Protection Manager

book

Article ID: 151461

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

A file, folder, file extension or application needs to be excluded from being scanned by one or more features of the Symantec Endpoint Protection (SEP) client.
Such exclusions can be configured for managed SEP clients using Centralized Exceptions policies in the Symantec Endpoint Protection Manager (SEPM) console.

Resolution

Exceptions policies contain exceptions for the following types of scans for Windows-based operating systems:

  • Auto Protect (Extension Exception)
  • Scheduled and on-demand (Extension Exception)
  • All Scans (Extension Exception)
  • Application Control (File Exception)
  • Security Risk (File Exception)
  • SONAR (File Exception)

Follow the instructions below to make the type of exception required:

Creating exceptions for Windows Platform

  • Log into the SEPM and click Policies.
  • Under View Policies click Exceptions.
  • Under Tasks click Add a Exception policy. This will create and open a new Exceptions Policy.
  • In the left pane, click Exceptions.
  • Click the Add button to open a drop-down menu. Move the cursor over Windows Exceptions to open a second drop-down menu.
  • Select one of the 9 available options: Application, Application to Monitor, Extension, File, Folder, Known Risks, Trusted Web Domains, Tamper Protection Exception, DNS or Host File Change Exception.

Creating exceptions for Mac Platform

  • Log into the SEPM and click Policies.
  • Under View Policies click Exceptions.
  • Under Tasks click Add a Exception policy. This will create and open a new Exceptions Policy.
  • In the left pane, click Exceptions.
  • Click the Add button to open a drop-down menu. Move the cursor over Mac Exceptions to open a second drop-down menu.
  • Click Security RiskException for Files or Folder
  • Select required prefix Variable and under File or folder enter the path. (For Mac Subfolders are included by default)

Creating exceptions for Linux Platform

  • Log into the SEPM and click Policies.
  • Under View Policies click Exceptions.
  • Under Tasks click Add a Exception policy. This will create and open a new Exceptions Policy.
  • In the left pane, click Exceptions.
  • Click the Add button to open a drop-down menu. Move the cursor over Linux Exceptions to open a second drop-down menu.
  • Select either Folder or Extensions.

 

Note: Wildcard variables such as * and ? are not required for Known Risks, File, or Folder exceptions for Window. As for file level exception you need to specify the complete path of  the file and for Folder level exception you need to specify the folder path and when "Include Subfolder" is checked it will exclude every single file and folders inside the parent folder. The ? wildcard is supported for Extension exceptions. The * wildcard is supported for Trusted Web domains exceptions.

Note: For File and Folder-based exclusions, the Full Path to the file must be specified, unless a "Prefix Variable" is selected. If a "Prefix Variable" is selected, the path specified should be relative to the selected "Prefix Variable"

Note: If you are unsure about what type of exception to make please see the chapter entitled "Managing Exceptions" in the pdf "Installation and Administration Guide".

  1. Enter the appropriate information for the item to be excluded. For Extensions, File, and Folder exclusions, specify the type of scans that will be excluded from the drop down menu or menus.
  2. (Optional) Repeat steps 6 through 8 to add any other Security Risk Exceptions to the policy.
  3. Click OK.
  4. Assign the policy to a group within the SEPM.


References

Managing exceptions in Symantec Endpoint Protection

Symantec Endpoint Protection Installation and Administration Guide