I have few hash files provided to me to add them in the policy so they can only report instead of delete.
1- How can I check if they are already part of the policy.
2. If they are not, how can I add them?
Within ePO the Potentially Unwanted Programs are listed within the ENSTP Options policy. This is however only done based on filename, not hash.
The ENSTP Options policy doesn't give you the option to block or report. Does it block if we add any files in this policy.
I looked at Access Protection, it does give the option to add as MD5 files. can this policy be used to add PUP files?
If you define a PUP then the action taken for this PUP is defined in the ENSTP OAS / ODS policy. The action however would not be block, it would be delete or clean.
If you want to BLOCK something, then you'd need to use Access Protection Rules. But here you cannot block based on MD5. To block using MD5 you would need to define the MD5 within TIE as known malicious.