Users receive multiple IPS detection emails for known good applications
Last Updated October 20, 2015
Users report that they are receiving multiple emails for IPS detections of an in-house application or a known application, in these cases it is necessary to allow the software to operate either locally via policy or globally by submitting the offending software to Symantec for analysis and inclusion in virus definitions as a known good application.
Notification emails triggered
There are 2 solutions for stopping the detections:
A temporary solution is to add a program control exception for the program involved via policy within the portal as described in the "Removing Program Control Blocks" section of TECH214005.
A permanent solution is to submit the file to our false positive website for analysis and inclusion in the Global White-list of allowed software.