This article describes how to create custom exclusions for the Cloud version of Symantec Endpoint Protection Small Business Edition (SEP SBE). This allows for customized protection based on your software and hardware environment.
To create custom exclusions, you must use a custom policy. You cannot edit the default policy.
- Folder Exclusions - Ensures that everything contained in the folder is not affected by scheduled scans, Sonar and auto-protect. This is especially useful for a database folder that has constant disk I/O.
- File Exclusions - Useful when legitimate files are being detected as threats, or for files that need to be excluded from Sonar detection. Unlike folder exclusions which completely disregard the contents of a folder, excluded files are still accessed during scheduled scans for the purpose of determining their identity.
- Extension Exclusions - Help prevent the quarantine of legitimate files, and increases the performance of software that may use proprietary file extensions. These exclusions are especially useful if these file types are sent over a local network.
- In the SEP SBE Management Console, click Policy.
- Select a policy.
- Under Computer Protection, expand Custom Exclusions.
- Create either a Folder, File, or Extension exclusion.
Symantec does not support any mechanism for using a Network path or Shared (Map) drive for creating a custom exclusion. Symantec does not support any mechanism for using a Network path or Shared (Map) drive for creating a custom exclusionS
Symantec does not support any mechanism for using a Network path or Shared (Map) drive for creating a custom exclusion.
Removing Program Control Blocks:
The second part to making sure custom exclusions work properly is to make sure the program that is running is not being blocked by the Program Control feature found in the Network Protection section of the Endpoint Protection Policy.
- Expand Program Control
- Click the Add Discovered Programs button
- Search the list of discovered programs and select the program being excluded
- Hit the Ok button and verify that control setting is set to Allow
- Scroll to the bottom of the policy page, select the group(s)to apply the exclusions to, select save and apply
Before creating exclusions it is important to work with technical support resources from the manufacturer of the software being excluded in order to ensure that all necessary paths and files are included in the rule-set. Making sure to exclude all the recommended files and folders per developers specifications will help reduce any conflicts with Symantec Endpoint Protection Cloud.