I have a Linux system that is being managed by the ePolicy Orchestrator, version 5.9.1
This system in particular generates a lot of traffic in a few specific folders, such as /home/user. I would like to exclude this folder and others from being scanned by the McAfee service. Is there a way to do this through the ePO, or on the server itself?
The Linux system has Agent 5.6.1, with Endpoint Security version 10.5.
Solved! Go to Solution.
Hi @farrg
Yes, there is a way to exclude these directories from scanning. Which component are you looking to exclude them from, On-Access Scanning? If so, please see the information here on how to add an exclusion directly on the system.
To add the exception on ePO do the following:
- Find the system in the system tree
- Bottom left click Actions > Directory Management > View Assigned Policies
- When viewing the policies, click the dropdown in the top middle next to Product and click on Endpoint Security Threat Prevention
- Locate the On-Access Scan policy
- In the policy find the section towards the bottom labeled Exclusions
- Add your directory location here, for example:
/home/
**Note - when adding your directory there is a checkbox to exclude subfolders, check this box, and click save**
- Save the policy when you're done, send a wake-up call and things should be good to go
Feel free to let me know if the above information helps, or if you have additional questions about the above notes.
Zach
Hi @farrg
Yes, there is a way to exclude these directories from scanning. Which component are you looking to exclude them from, On-Access Scanning? If so, please see the information here on how to add an exclusion directly on the system.
To add the exception on ePO do the following:
- Find the system in the system tree
- Bottom left click Actions > Directory Management > View Assigned Policies
- When viewing the policies, click the dropdown in the top middle next to Product and click on Endpoint Security Threat Prevention
- Locate the On-Access Scan policy
- In the policy find the section towards the bottom labeled Exclusions
- Add your directory location here, for example:
/home/
**Note - when adding your directory there is a checkbox to exclude subfolders, check this box, and click save**
- Save the policy when you're done, send a wake-up call and things should be good to go
Feel free to let me know if the above information helps, or if you have additional questions about the above notes.
Zach
This is exactly what I needed, thank you.
you can set the folder exclusion in the ens threatprevention on-access policy
in the process settings section scroll to the bottom and select add under the exclusions section
choose file name or path and add the folder path followed by a trailing /
ex: /home/user/
then select "also exclude subfolders"
save
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA