whitelistCMD 1 Posted August 31, 2018 Share Posted August 31, 2018 Hello, I have a question that pertains to File Exclusions under RTFSP.... If we have multiple policies stacked on top of one another for a specific server, and those policies both carry File Exclusions under RTFSP, how are we able to stack those exclusions? I do not see the option to append, pre-pend, or replace? I do see the option for File Exclusions under Detection Engine, but it is non-existent for File Exclusions under RTFSP? Do only the exclusions under the last policy applied, get excluded from RTFSP? Thanks in advance! Link to comment Share on other sites More sharing options...
Administrators Marcos 4,931 Posted September 1, 2018 Administrators Share Posted September 1, 2018 This is the place where you define file exclusions. They are applied to all scanners, including real-time protection: I wonder if you could provide some examples of exclusions you need to create and why. Basically the product should work alright without any exclusions defined. Each exclusion creates a potential security hole so we encourage users not to exclude anything unless inevitable. If exclusions need to be used, we'd like to hear about real use cases since we'd prefer to find another solution than using exclusions. Link to comment Share on other sites More sharing options...
whitelistCMD 1 Posted September 10, 2018 Author Share Posted September 10, 2018 I just went ahead and started putting our exclusions in this list, however, this won't work for us. I need to be able to exclude certain file types from scanning (yes, I know there should not be exclusions, but it impacts the performance on a couple of machines when certain file types are being scanned, and I was overruled on this decision). The problem with exclusions of certain file types is I may not know the path, and the servers may have different drive letters. If I can't Replace or Append the file extensions list, then I can't have more than one list if a server is picking up more than one policy? Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 430 Posted September 11, 2018 ESET Staff Share Posted September 11, 2018 @whitelistCMD as the "file extensions" are part of "scanning profile" and entire "scanning profile" is treated as "one setting" (if you set one value within a profile to "apply / force" the entire profile will inherit this setting), you can´t perform append / replace operations. So as of now, it´s not possible to perform the desired operation. Link to comment Share on other sites More sharing options...
Recommended Posts