stgclink 0 Posted October 11, 2023 Share Posted October 11, 2023 Hi, we were trying to setup some Detection Exclusions for a Software running on that server. When trying to add a exclusion the option appears to be locked. We cannot find any option in the related policy that would lock the option. There is also only one policy in place for that product. We have set a performance policy for now but would like to avoid using those in the future. Any advice welcome. Thanks in advance! Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted October 11, 2023 Administrators Share Posted October 11, 2023 Detection exclusions can be managed only via the Exclusions panel in the ESET PROTECT console in case of managed ESET products: Link to comment Share on other sites More sharing options...
stgclink 0 Posted October 11, 2023 Author Share Posted October 11, 2023 Ok maybe i misread something. What would be best practice to setup an exclusion for a directory on a paricular server without already having a logged detection? We would like to still scan files in that directory, don't clean them automatically but still show the detection in ESET Protect if there are questionable files. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted October 11, 2023 Administrators Share Posted October 11, 2023 In case a particular detection has not been triggered and reported to ESET PROTECT, you would need to create a performance exclusion that can be set up via a policy. Link to comment Share on other sites More sharing options...
stgclink 0 Posted October 11, 2023 Author Share Posted October 11, 2023 3 hours ago, Marcos said: Detection exclusions can be managed only via the Exclusions panel in the ESET PROTECT console in case of managed ESET products: https://help.eset.com/efsw/10.0/en-US/idh_detection_exclusions.html Sounded different in this article. 2 hours ago, Marcos said: In case a particular detection has not been triggered and reported to ESET PROTECT, you would need to create a performance exclusion that can be set up via a policy. For now we have a performance exclusion in place but we don't really feel comfortable with this. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted October 11, 2023 Administrators Share Posted October 11, 2023 Are you referring to IDS exceptions and not detection exclusions? I thought we were talking about the latter: Link to comment Share on other sites More sharing options...
offbyone 10 Posted November 8, 2023 Share Posted November 8, 2023 On 10/11/2023 at 1:18 PM, Marcos said: In case a particular detection has not been triggered and reported to ESET PROTECT, you would need to create a performance exclusion that can be set up via a policy. @Marcos We are facing a similar problem and had to find out the hard way, that performance exclusions were no longer honored by initial scans or manual scans (testing with latest 9.x releases here). This is different from version 7.3 where performance exclusions worked for all kind of scanning. Do you have a suggestion for workaround? THX. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted November 8, 2023 Administrators Share Posted November 8, 2023 Please raise a support ticket. I for one am not aware of any such changes between Endpoint v7-v10. Link to comment Share on other sites More sharing options...
offbyone 10 Posted November 8, 2023 Share Posted November 8, 2023 1 hour ago, Marcos said: Please raise a support ticket. I for one am not aware of any such changes between Endpoint v7-v10. OK seems that we have to do so. But this is definitively true. We checked here multiple times in parallel with two identical VMs, one with 7.3 and one with 9.1. Link to comment Share on other sites More sharing options...
Recommended Posts