Adding Exclusions to a Specific Rule

  1. Go to Policy > Threat Prevention > Policy Capabilities.
  2. Select the rule for which the exclusion is to be created.
  3. In the Capabilities & Exclusions pane, click Exclusions Center.
  4. Click Go to Smart Exclusions.
  5. Click Create New Exclusion.
  6. Select the exclusion type:
    • Single-method exclusion — Add an exclusion for only one exclusion type.
    • Multi-method exclusion — Add exclusions for multiple types of exclusions.
  7. Enter a name for the exclusion and make sure the status is Enabled.
  8. Apply the exclusion to all supported capabilities, or select Select specific and choose the required capabilities from the Capabilities list.
  9. (Optional) To enable Chained Exclusions, in the Chained Exclusion are available for section, turn on Inherit exclusion to child processes.

    This automatically excludes all the child processes of the excluded process.

    Note:
    With the Endpoint Security Client version E88 and higher, Chained Exclusions support only the Forensics Monitoring capability.
  10. Enter the exclusion details and click OK.
    Note:
    For supported syntax and capabilities for exclusion types, see sk181679.
  11. Click Save & Install.
Note:
A Single-method exclusion can be changed to a Multi-method exclusion. See Managing Exclusions.