You can monitor a particular application so that you can create an exception for how Symantec Endpoint Protection handles the application. After Symantec Endpoint Protection learns the application and the management console receives the event, the application appears in the application list in the Application Exception dialog. The application list appears empty if the client computers in your network have not yet learned any applications.
The applications list includes the applications that you monitor as well as the files that your users download. Symantec Endpoint Protection applies the action when either Symantec Endpoint Protection detects the application or the application runs.
The applications also appear in the list for DNS and Host File Change Exception.
To specify how Symantec Endpoint Protection handles monitored applications on Windows clients
On the Exceptions Policy page, click Exceptions.
Click Add > Windows Exceptions > Application.
In the View drop-down box, select All, Watched Applications, or User-allowed Applications.
Select the applications for which you want to create an exception.
In the Action drop-down box, select Ignore, Log only, Quarantine, Terminate, or Remove.
The Ignore and Log only actions apply when scans detect the application as bad or malicious. The Terminate, Quarantine, and Remove actions apply when the application launches.