Create Whitelist policies for files and external computers so that Symantec Advanced Threat Protection (ATP) explicitly allows access to them regardless of their reputation. When you whitelist an item, ATP considers it "trusted" and takes no action on it. For example, if you whitelist a file, ATP does not inspect that file nor does it request a reputation score for it. Whitelisting trusted files and external computers can conserve scanning resources and reduce the number of events that ATP creates. It can also eliminate false negatives.
Create a Whitelist policy to do any of the following:
See Importing policies and exporting policies in bulk.
You must have the Admin role or Controller role to create Whitelist policies.
To create a Whitelist policy
In ATP Manager, click .
Click the plus sign and select .
In the Add to Whitelist dialog box, click the drop-down list and select one of the following:
Note: |
You cannot edit the Type or Match Value of a whitelisted item after you add it. However, you can delete it or edit the comment. See Managing policies. |
In the Match Value field, type the value of the whitelisted item based on the type that you selected.
ATP validates the value based on its type. The Match Value appears in the list as the Rule Value.
See Supported policy match values for IP addresses, domains, and URLs.
Optionally, type a comment in the Comment field.
For example, you may want to specify the file name for SHA256 hash.
Click .
Thanks for your feedback. Let us know if you have additional comments below. (requires login)