Jump to content

Program exclusions


Go to solution Solved by Marcos,

Recommended Posts

  • Administrators

It is not clear what issues should detection exclusions address according to the KB. Are those excluded drivers detected by ESET? If so then it's most likely because they are vulnerable.

However, it might make sense to create performance exclusions via a policy like what Microsoft suggests for MS Exchange but these should be provided by the application maker and should be used with care and address or prevent actual issues.

Link to comment
Share on other sites

Hi Marcos, thank you for your reply. Are performance exclusions via policy able to achieve same as setting up Detection Exclusions on the endpoint's AV? Can you point me to a bit of documentation on how to set up these.

Link to comment
Share on other sites

  • Administrators

Detections exclusions cannot resolve performance issues. Detection exclusions should be used if you deliberately keep a file detected by ESET on a disk, e.g. a kind of potentially unsafe application for remote monitoring or administration, vulnerable drivers for which no fixed version exists. etc.

https://help.eset.com/ees/11/en-US/idh_exclude.html

Link to comment
Share on other sites

  • 2 weeks later...

@Marcos Thank you for your reply, am I correct in saying that Performance Exclusions can be set to prevent ESET from scanning a given path, and no detections should occur from a folder set in the Performance Exclusion Policy.
So for example if I set C:\ProgramData\{4CEC2908-5CE4-48F0-A717-8FC833D8017A}\*  path in the exclusion policy no detections should occur in that folder and its subfolders, correct? 
Using https://help.eset.com/protect_cloud/en-US/create_exclusion.html as a reference.

Link to comment
Share on other sites

  • Administrators
2 minutes ago, Misza said:

am I correct in saying that Performance Exclusions can be set to prevent ESET from scanning a given path, and no detections should occur from a folder set in the Performance Exclusion Policy.
So for example if I set C:\ProgramData\{4CEC2908-5CE4-48F0-A717-8FC833D8017A}\*  path in the exclusion policy no detections should occur in that folder and its subfolders, correct?

Correct. However, to prevent a particular detection from being reported on files in that folder, it's safer to use detection exclusions.

Link to comment
Share on other sites

But Detection exclusions can only be set once the detection occurs, correct? And these can only be set per endpoint on which the detection occurred. My aim is to prevent from these detections to happen on multiple endpoints. so the application installation/upgrade proceeds without any interruptions, and notifications on user side.

Link to comment
Share on other sites

  • Administrators
  • Solution

Yes, that's true. Currently it's possible to create only performance exclusions prior to actual detection.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...