Managing denied items and allowed items from the central list

From the central list, you can add a file hash for a specific file to an existing Deny List or Allow List policy.
You can also upload a list of file hashes to a Deny List or Allow List policy by importing a CSV file. The CSV file contains specific information for each file that you want to include in the policy. After a successful import, the file hashes appear in the central list.
SHA-256 file hashes and MD5 file hashes are supported for a Deny List policy for
Symantec Endpoint Protection
14.x hybrid-managed devices and for
Symantec Endpoint Security
cloud-managed devices. Only SHA-256 file hashes are supported for an Allow List policy.
  1. To add a single file hash to a Deny List or Allow List policy
  2. Go to
    Settings > Deny List and Allow List.
  3. On the
    Deny List
    or
    Allow List
    tab, select
    Add File
    .
  4. Select the policy that you want to update with the file hash, and then press
    Submit
    .
  5. Select the file for which you want to add a file hash to the policy.
  6. Press
    Add
    .
To import a CSV of file hashes to a Deny List or Allow List policy
  1. Create the CSV file. See To create and edit a CSV file.
  2. Go to
    Settings > Deny List and Allow List
    .
  3. On the
    Deny List
    or
    Allow List
    tab, select
    Import File Hash
    .
  4. Select the policy to update, and then press
    Submit
    .
  5. Press the browse icon and locate the CSV file that contains the file hashes.
  6. Select
    Import
    . You see a confirmation message that the file hashes are added to the policy.
MD5 file hashes are not supported for the Allow List policy.
The CSV file cannot be larger than 1MB.
To create and edit a CSV file manually for import
  1. You can use the checksum.exe tool to create a CSV file for hashes on a Symantec Endpoint Protection device.
  2. Regardless of how you create a CSV file, you must format the file to indicate all required columns.
    The import option requires multiple column values that are not required if you choose to add a file hash directly in a policy instead. The policy only requires you to specify a file name and hash.
    The import option here requires you to include comma-separated values for all of the columns listed below.
    A comma must be included in the CSV file to represent the column even if the column is blank. If you do not include one of the column commas, the import will fail.
    For example:
    D3763FFBFAF30BCFD866B8ED0324E7A3,916CC8D6BF2282AE0D2DB587F4F96780AF59E685A1F1A511E0B2B276669DC802,"c:\test\procdump.exe","procdump.exe",,,,,546234,,,,,,,,,,,
    In the above example, if you wanted to leave out the MD5 column, the input would read:
    ,916CC8D6BF2282AE0D2DB587F4F96780AF59E685A1F1A511E0B2B276669DC802,,procdump.exe,,,,,564345,,,,,,,,,,,
    Required comma-separated columns
    There are 20 columns. Include the comma even if the value is blank.
    • MD5
    • SHA256
    • Location
    • Original filename
    • Company
    • Product name
    • File version
    • Product version
    • Size
    • Type of file
    • Created
    • Modified
    • Description
    • Copyright
    • Issued by
    • Issued to
    • Thumbprint
    • unknown
    • Serial number
    • Certificate signing time (represented as epoch time)