Endpoint protection Antimalware Policy --> Advanced --> Allow users to exclude files, folders and processes

Question
-
Hi,
We are managing Endpoint Protection on our server machines from the SCCM server Endpoint Protection module.
As per Microsoft's recommendation, we have excluded some files, folders and processes on our Exchange 2016 servers by setting "YES" against "Allow users to exclude files, folders and processes" in the Endpoint Protection antimalware policy on the SCCM server, and then added the required paths, files and folders to the exclusions at the client end.
We are planning to schedule a "Full scan" to run on all server machines once a week. We need to confirm whether the "Full Scan" will scan the excluded files, folders and processes or will skip them.
Thanks
Tuesday, July 2, 2019 6:41 AM
Answers
-
Hello,
If you have excluded files and/or folders, they will not be scanned when "Full Scan" is triggered.
The Full Scan will go into all your files and folders except the ones you have excluded in your policy.
Regards
- Proposed as answer by Jason Sandys [MSFT]MVP Tuesday, July 2, 2019 1:39 PM
- Marked as answer by Syed Ashraf Ali Wednesday, July 3, 2019 4:55 AM
Tuesday, July 2, 2019 7:13 AM -
Exclude means exclude for all activity: full scans, incremental scans, on-demand scans, and other activity as well.
Jason | https://home.configmgrftw.com | @jasonsandys
- Marked as answer by Syed Ashraf Ali Wednesday, July 3, 2019 4:55 AM
Tuesday, July 2, 2019 1:40 PM
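An added example (not from the thread or from Microsoft) for the point made in the answers above, that an exclusion applies to every scan type: because the policy lets local users add exclusions, it compares the exclusions in effect on a server with an approved baseline. It assumes the Defender PowerShell module (`Get-MpPreference`) is available, as on Windows Server 2016 and later; the function name, baseline and sample values are constructed for illustration.

```powershell
# Added example: list antimalware exclusions that are not in an approved baseline.
# Assumption: Get-MpPreference exists on the host (Defender module, Server 2016+).
function Get-ExclusionDrift {
    param(
        [Parameter(Mandatory)] [hashtable] $Approved,  # keys: Path, Process, Extension
        [object] $Current = (Get-MpPreference)          # live settings unless sample data is passed
    )
    # Baseline key -> property name returned by Get-MpPreference
    $map = [ordered]@{
        Path      = 'ExclusionPath'
        Process   = 'ExclusionProcess'
        Extension = 'ExclusionExtension'
    }
    foreach ($kind in $map.Keys) {
        # Normalise both sides: trim whitespace and any trailing backslash
        $allowed = @($Approved[$kind]) | Where-Object { $_ } |
            ForEach-Object { $_.Trim().TrimEnd('\') }
        $actual = @($Current.($map[$kind])) | Where-Object { $_ }
        foreach ($entry in $actual) {
            $norm = $entry.Trim().TrimEnd('\')
            # -notcontains compares case-insensitively, like Windows paths
            if ($allowed -notcontains $norm) {
                [pscustomobject]@{
                    Kind    = $kind
                    Entry   = $entry
                    Finding = 'Not in approved baseline; skipped by every scan type'
                }
            }
        }
    }
}

# Constructed baseline and constructed "current" settings so the example runs offline.
$baseline = @{
    Path      = @('D:\ExchangeData\Mailbox')
    Process   = @('EdgeTransport.exe')
    Extension = @('.edb')
}
$sample = [pscustomobject]@{
    ExclusionPath      = @('D:\ExchangeData\Mailbox\', 'C:\Users\Public\Tools')
    ExclusionProcess   = @('EdgeTransport.exe')
    ExclusionExtension = @('.edb', '.zip')
}
Get-ExclusionDrift -Approved $baseline -Current $sample | Format-Table -AutoSize
```

On a managed server, omit `-Current` to read the live settings, and run the session elevated so the exclusion values are readable.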
All replies
Thanks for clarification.
Regards
Wednesday, July 3, 2019 4:54 AM -
Thanks for clarification.
Regards
Wednesday, July 3, 2019 4:55 AM -
Hello Jason,
I have another confusion regarding "System Center Endpoint Protection", if you can help me out on this:
After malware is detected and action is taken against that malware, e.g. when I open the "History" tab in the SCEP client, it shows me the detected items under "Quarantined items".
Now, what I need to know is: if I click on the "Remove" or "Remove all" button, will it delete that particular malware-infected file, or will it remove the entry from the history of detected items in the SCEP client?
OR
Do I have to check the path of that quarantined file in the description, then go to that path and delete that file?
Thanks
Friday, August 30, 2019 12:01 PM