Managing exceptions in
Symantec Endpoint Protection

You can manage exceptions for
Symantec Endpoint Protection
in the
Symantec Endpoint Protection Manager
console.
Managing exceptions
Task
Description
Learn about exceptions
You use exceptions to exclude items from being scanned on your client computers.
Review the types of files and folders that
Symantec Endpoint Protection
automatically excludes from scans
Symantec Endpoint Protection
automatically creates exceptions, or exclusions, for some third-party applications and some Symantec products.
You can also configure individual scans to scan only certain extensions and skip any other extensions.
Create exceptions for scans
You add exceptions in an Exceptions policy directly. Or you can add exceptions from log events on the
Monitors
page.
Restricting the types of exceptions that users can configure on client computers (Windows only)
By default, users on client computers have limited configuration rights for exceptions. You can restrict users further so that they cannot create exceptions for virus and spyware scans or for SONAR.
Users can never force an application detection and they never have permission to create Tamper Protection exceptions.
Users also cannot create a file exception for application control.
Check the logs for detections for which you might want to create exceptions
After
Symantec Endpoint Protection
makes a detection, you can create an exception for the detection from the log event.
For example, you might want to create an exception for a file that scans detect but that your users request to download.
Create exceptions for intrusion prevention signatures
You can specify exceptions for intrusion prevention.
You can also set up a list of excluded hosts for intrusion prevention.
Intrusion prevention exceptions are configured in an Intrusion Prevention policy.