You can create an exception for a specific application that makes a DNS or host file change. SONAR might prevent system changes like DNS or host file changes. You might need to make an exception for a VPN application, for example.
You can monitor a particular application so that you can create a DNS or host file change exception. After Symantec Endpoint Protection learns the application and the management console receives the event, the application appears in the application list. The application list appears empty if the client computers in your network have not yet learned any applications.
Use the SONAR settings to control how SONAR detects DNS or host file changes globally.
To create an exception for an application that makes a DNS or host file change
On the Exceptions Policy page, click Exceptions.
Click Add > Windows Exceptions > DNS or Host File Change Exception.
Select the applications for which you want to create an exception.
In the Action drop-down box, select Ignore, Log only, Prompt, or Block.
The actions apply when scans detect the application making a DNS or host file change.