Threats are only found in the file types that contain executable code. When Symantec Protection Engine receives a top-level file or a container file, it performs an analysis of the file structure to determine its true file type. You can conserve bandwidth and time by only scanning the files that might contain threats, based upon their file extensions or file types.
Symantec Protection Engine is configured by default to scan all files regardless of extension or type.
You can choose to scan all files except those that are in the file extension and file type exclude lists. Symantec Protection Engine scans only top-level files or the files that are embedded in the archival file formats that are not contained in either list. The default exclude lists contain the most common file extensions and the file types that are unlikely to contain threats.
You can add any file extension to the File extension exclude list (file extensions must begin with a period).
The file types that you can add to the File type exclude list are as follows:
Although file types are formatted similarly to MIME types, they are not derived from MIME headers of the messages that are scanned. Symantec Protection Engine derives file types by an analysis of the data itself, regardless of what information is in the MIME type.
As you evaluate which files to exclude from scanning, consider the trade-offs between performance and protection. An exclusion list lets some files bypass scanning. Thus, new types of threats might not always be detected. Scanning all files regardless of type or extension is the most secure setting, but it imposes the heaviest demand on resources. During outbreaks, you might want to scan all files even if you normally use the exclusion lists to control the files that are scanned.
Use caution if you add .jpg or .jpeg to the File extension exclude list or image/jpg, image/jpeg, or image/* to the File type exclude list. These file types can be encoded with threats and might pose a risk to your network.
To specify which files to scan
In the console on the primary navigation bar, click Policies.
In the sidebar under Views, click Scanning.
In the content area under Files to Scan, click Scan all files except those in the extension or type exclude lists.
In the File extension exclude list, do any of the following steps:
To add a file extension to the exclude list
Type the file extension that you want to add.
Type each entry on a separate line. Each entry should begin with a period.
To remove a file extension from the exclude list
Highlight and delete the file extension that you want to remove.
In the File type exclude list, do any of the following steps:
To add a file type to the exclude list
Type the file type that you want to add.
Type each extension on a separate line. You must type the file type exactly as it appears in the list. Use the wildcard character /* to include all subtypes for a file type. For example, if you type audio/* you would exclude all audio subtypes from being scanned.
To remove a file type from the exclude list
Highlight and delete the file type that you want to remove.
To restore the default exclude lists, under Tasks, click Reset Default List.
This option restores the default File type exclude list and File extension exclude list.
On the toolbar, select one of the following options:
Saves your changes.
Use this option to continue making changes in the console until you are ready to apply them.
Applies your changes.
Your changes are not implemented until you apply them.