4 Replies Latest reply on Jun 2, 2016 7:28 PM by erode

    exclude server for scan

    erode

      Hello, i use ePolicy Orchestrator 5.1.0 and need to exclude a host from scan. Where is the option for exclude host/server to not scan?

       

      Thanks!

        • 1. Re: exclude server for scan
          tomz2

          Hi erode,

           

          Why are you looking to exclude a host from a scan completely? The way that ePO works is that you assign client tasks to the system to perform various kinds of work (product deployments, product updates, and on-demand scans). If you don't assign a task to the client it won't get the work.

           

          I'd advise against excluding a system completely, but rather look to understand why a scan would possibly interfere and find a way to minimize the interference either through off-hours scanning or leveraging the high/low risk processes feature of VSE.

          • 2. Re: exclude server for scan
            erode

            Thanks for the reply.

            It is a backup server (microsoft dpm), and when collecting detects many files as malicious and sends it to quarantine. I then filled the quarantine folder with these files and need to exclude the analysis of that server.

             

             

            thanks again

            • 3. Re: exclude server for scan
              tomz2

              Does Microsoft have any documented best practices for AV and DPM 2012? The fact that VSE is finding malicious files in backups is troubling in the first place, and I wouldn't recommend excluding anything simply because it doesn't make sense to backup malware. Do you really want to have a restore scenario where malware is put back?

               

              Your better bet is to review the sources that are being backed up and find why endpoint AV is not catching the infections and removing them there.

              • 4. Re: exclude server for scan
                erode

                thanks for your answer.

                then, it would be desirable to exclude certain directories from my storage server where are these "malicious" files. how could it? not to scan a specific directory.

                 

                 

                Thank you!