Jump to content

Archived

This topic is now archived and is closed to further replies.

whitelistCMD

ESET File Security v6.5 with v7 policy editor in ERA 6.5 ova - Exclusions

Recommended Posts

Hello,

I have a question that pertains to File Exclusions under RTFSP.... If we have multiple policies stacked on top of one another for a specific server, and those policies both carry File Exclusions under RTFSP, how are we able to stack those exclusions? I do not see the option to append, pre-pend, or replace? I do see the option for File Exclusions under Detection Engine, but it is non-existent for File Exclusions under RTFSP? Do only the exclusions under the last policy applied, get excluded from RTFSP? Thanks in advance!

Share this post


Link to post
Share on other sites

This is the place where you define file exclusions. They are applied to all scanners, including real-time protection:

image.png

I wonder if you could provide some examples of exclusions you need to create and why. Basically the product should work alright without any exclusions defined. Each exclusion creates a potential security hole so we encourage users not to exclude anything unless inevitable. If exclusions need to be used, we'd like to hear about real use cases since we'd prefer to find another solution than using exclusions.

Share this post


Link to post
Share on other sites

I just went ahead and started putting our exclusions in this list, however, this won't work for us. I need to be able to exclude certain file types from scanning (yes, I know there should not be exclusions, but it impacts the performance on a couple of machines when certain file types are being scanned, and I was overruled on this decision). The problem with exclusions of certain file types is I may not know the path, and the servers may have different drive letters. If I can't Replace or Append the file extensions list, then I can't have more than one list if a server is picking up more than one policy?

Share this post


Link to post
Share on other sites

@whitelistCMD as the "file extensions" are part of "scanning profile" and entire "scanning profile" is treated as "one setting" (if you set one value within a profile to "apply / force" the entire profile will inherit this setting), you can´t perform append / replace operations. So as of now, it´s not possible to perform the desired operation.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...