1 Reply Latest reply on Apr 4, 2012 12:42 AM by wwarren

    Using file paths for VSE Access Protection Excluded Processes

      I wanted to know if you can use file paths in the "Excluded Processes" section of VSE Access Protection.  I've been putting them in there with quotes around them since there are spaces in the file path.  Can I do this or can you only have file names?  Seems kind of crazy to only use file names.  A malicious use would have a field day if this is true.  Please help.  Thanks.

       

      v/r

      Dragonpath

        • 1. Re: Using file paths for VSE Access Protection Excluded Processes
          wwarren

          The feature's intended use is for process names, not their paths.

          The concern about malware is valid but VSE's functionality is not meant to be as encompassing as the Host Intrusion Prevention product, which is the better choice for accomplishing what you're looking for.

           

          Still, you can specify full paths in process exclusions for VSE's AP rules if you want to, but we can't guarantee it'll consistently work. The problem is "Full path" information isn't always available to us at the moment the AP rule is being evaluated, so your mileage may vary. Again, HIPS is the proper soution to use for that usage scenario.