stgclink 0 Posted October 11 Share Posted October 11 Hi, we were trying to setup some Detection Exclusions for a Software running on that server. When trying to add a exclusion the option appears to be locked. We cannot find any option in the related policy that would lock the option. There is also only one policy in place for that product. We have set a performance policy for now but would like to avoid using those in the future. Any advice welcome. Thanks in advance! Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted October 11 Administrators Share Posted October 11 Detection exclusions can be managed only via the Exclusions panel in the ESET PROTECT console in case of managed ESET products: Quote Link to comment Share on other sites More sharing options...
stgclink 0 Posted October 11 Author Share Posted October 11 Ok maybe i misread something. What would be best practice to setup an exclusion for a directory on a paricular server without already having a logged detection? We would like to still scan files in that directory, don't clean them automatically but still show the detection in ESET Protect if there are questionable files. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted October 11 Administrators Share Posted October 11 In case a particular detection has not been triggered and reported to ESET PROTECT, you would need to create a performance exclusion that can be set up via a policy. Quote Link to comment Share on other sites More sharing options...
stgclink 0 Posted October 11 Author Share Posted October 11 3 hours ago, Marcos said: Detection exclusions can be managed only via the Exclusions panel in the ESET PROTECT console in case of managed ESET products: https://help.eset.com/efsw/10.0/en-US/idh_detection_exclusions.html Sounded different in this article. 2 hours ago, Marcos said: In case a particular detection has not been triggered and reported to ESET PROTECT, you would need to create a performance exclusion that can be set up via a policy. For now we have a performance exclusion in place but we don't really feel comfortable with this. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted October 11 Administrators Share Posted October 11 Are you referring to IDS exceptions and not detection exclusions? I thought we were talking about the latter: Quote Link to comment Share on other sites More sharing options...
offbyone 10 Posted November 8 Share Posted November 8 On 10/11/2023 at 1:18 PM, Marcos said: In case a particular detection has not been triggered and reported to ESET PROTECT, you would need to create a performance exclusion that can be set up via a policy. @Marcos We are facing a similar problem and had to find out the hard way, that performance exclusions were no longer honored by initial scans or manual scans (testing with latest 9.x releases here). This is different from version 7.3 where performance exclusions worked for all kind of scanning. Do you have a suggestion for workaround? THX. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted November 8 Administrators Share Posted November 8 Please raise a support ticket. I for one am not aware of any such changes between Endpoint v7-v10. Quote Link to comment Share on other sites More sharing options...
offbyone 10 Posted November 8 Share Posted November 8 1 hour ago, Marcos said: Please raise a support ticket. I for one am not aware of any such changes between Endpoint v7-v10. OK seems that we have to do so. But this is definitively true. We checked here multiple times in parallel with two identical VMs, one with 7.3 and one with 9.1. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.