Using Deny List Policy settings
A Deny List policy contains a list of files that you want to block and quarantine. You identify each file by SHA-256 or a MD5 hash. These hash types are supported for
Symantec Endpoint Protection14.x hybrid-managed devices and for
Symantec Endpoint Securitycloud-managed devices.
Currently, you can add items to the deny list only by file hash.
The option to lock the policy is not available for Deny List Policy settings.
You can use the Application Control feature for a comprehensive way to control the execution of files. Application Control requires a subscription to Symantec Endpoint Security Complete. See:
You can add files to the deny list in the following ways:
- Add the file's hash to a Deny List policy on thePoliciespage.
- Use theAdd to Deny Listaction from theDiscovered Items > Filesview.
- An Add to Deny List task recommendation might appear inMy Tasks.
- To configure a Deny List policy
- Go toPolicies.
- Select the policy that you want to edit or create a new policy. See:
- On theDetailstab, underDenied Binaries, select the plus icon to add an item to the deny list.
- Enter the file name and hash value, and then selectAdd.
- SelectSave Policy.