Adding Exclusions to a Specific Rule
- Go to Policy > Threat Prevention > Policy Capabilities.
- Select the rule for which the exclusion is to be created.
- In the Capabilities & Exclusions pane, click Exclusions Center.
- Click Go to Smart Exclusions.
- Click Create New Exclusion.
-
Select the exclusion type:
- Single-method exclusion — Add an exclusion for only one exclusion type.
- Multi-method exclusion — Add exclusions for multiple types of exclusions.
- Enter a name for the exclusion and make sure the status is Enabled.
- Apply the exclusion to all supported capabilities, or select Select specific and choose the required capabilities from the Capabilities list.
-
(Optional) To enable Chained Exclusions, in the Chained Exclusion
are available for section, turn on Inherit exclusion
to child processes.
This automatically excludes all the child processes of the excluded process.
Note:With the Endpoint Security Client version E88 and higher, Chained Exclusions support only the Forensics Monitoring capability. -
Enter the exclusion details and click OK.
Note:For supported syntax and capabilities for exclusion types, see sk181679.
- Click Save & Install.
Note:
A Single-method exclusion can be changed to a Multi-method exclusion. See
Managing Exclusions.