Migrating Legacy Exclusions

Important:

Best Practice — Check Point recommends following these steps before migrating to Smart Exclusions:

  1. Go to Policy > Threat Prevention > Policy Capabilities.

  2. Pick a rule to test the migration and clone the rule.

  3. Place the newly created rule at the top.

  4. Under Applied To, select a test group.

  5. Click Exclusion Center for the newly created rule and export the legacy exclusions for backup purposes.

  6. For the newly created rule, migrate to Smart Exclusions.

  7. Click Save and Install.

  8. Go to Logs and filter the logs for the computer in the test group. Verify there are no false positives and all the detections are excluded correctly.

  9. If there are issues, contact Check Point Support.

  10. Perform the steps for each rule one at a time.

  11. Repeat the process for Global Exclusions.

To migrate legacy exclusions for a rule

  1. Go to Policy > Threat Prevention > Policy Capabilities.

  2. Select the rule.

  3. In the Capabilities & Exclusions pane, click Exclusions Center.

  4. To migrate legacy global exclusions, go to Policy > Threat Prevention > Global Exclusions.

  5. Click Go to Smart Exclusions.

To migrate all legacy exclusions

  1. Click Migrate from Legacy Exclusions (available only if there are no exclusions), or click All exclusions from legacy. The Import All Legacy Exclusions window appears.

  2. (Recommended) To remove all the legacy exclusions after migrating to Smart Exclusions, select Remove all the imported exclusions from legacy.

  3. Click Import.

To migrate specific exclusions

  1. Click Select exclusions from legacy. The Transfer from Legacy - Select Exclusions window appears.

  2. Select the exclusions.

  3. Click OK. The exclusions are added to Smart Exclusions.

  4. For a specific rule, click OK and Save & Install.

  5. For global exclusions, click Save. The exclusions are automatically enforced on the client without installing the policy.