none
Forefront Endpoint Protection 2010 - Process Exclusions

    Frage

  • Is it necessary to included the full path of executable when excluding a process within a policy? There are some processes that we would like to exclude that have many different locations. I was hoping I could just add the executable to the Exclude Processes and it would be excluded regardless of the location.

    Any feedback is greatly appreciated.

     

    Montag, 24. Januar 2011 13:56

Antworten

Alle Antworten

  • Is it necessary to included the full path of executable when excluding a process within a policy?  


    As far as I know it's not necessary.
    Bechir Gharbi | http://myitforum.com/cs2/blogs/bgharbi/
    Montag, 24. Januar 2011 16:13
  • Hay

    I do not know if I got your question well, Anyway from my experiance, you should at least do the needed excludes on Servers Like Exchange, Hyper-V.

    The Reason is: Scanning exchange database and exchange process will may low your server performance especially when the Hardware is not much high.

    Excluding all exe files!!! if you did it, then no need for anti malware, coz most of malware wait for special actions from exe programs to do them job.

    For excusion templates shipped with FEP, please take a look at: http://technet.microsoft.com/en-us/library/gg412475.aspx

     

    Montag, 24. Januar 2011 17:41
  • I think you misunderstood my question as I only want to exclude a few executables (Ex. DevEnv.exe). I was hoping to confirm that I would only have to add DevEnv.exe to the Exclude Process section rather than adding every location where that file may exist. I believe that is the way it works, but the documentation is lacking and both examples (%windir%\system32\service.exe; %windir%\system32\spoolsv.exe) shown in the GUI include the folder location and executable.

    Montag, 24. Januar 2011 18:35
  • I'd like an answer to this as well. Has anyone confirmed that you can leave the path off?
    Dienstag, 5. Juni 2012 16:49
  • I have confirmed that the path is not necessary.

    Thank you.

    • Als Antwort markiert RobM1971 Dienstag, 5. Juni 2012 17:27
    Dienstag, 5. Juni 2012 17:27
  • I have confirmed that the path is not necessary.

    Thank you.

    Awesome Rob thanks for the confirmation.
    Dienstag, 5. Juni 2012 17:46