I am having difficulties setting exclusions for a particular process (sqlserv.exe) on HIPS via the ePO.
I have been able to do this successfully on HIPS on the local machine.
However, to implement the policy via ePO is the challenge.
Please can anyone furnish me with the details.
- Open IPS rules policy
- Go to Exceptions Rules tab
- Click on Add Exception
- Select "Specific signatures" and then Add that Signature in the list
- Select the User Group
- Choose the process or define the path
- Save the signature and push this out to the clients