This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Policy exclusion vs global exclusion. Both ways, exe´s deleted

Hi, maybe i´m setting something wrong, but i hope can you help me.

I made exclusions on threat protection in Policy Exclusions and Global Exclusions. I need to exclude folders that contains an ERP files.

Sophos detect false positives in that ERP files. Therefore the files are deleted.

I tried set first Policy Exclusions  and then the Global Exclusions but both of them doesn´t work in my Sophos Central.

Anyway the .exe filies are removing.

I share the screenshots with the configuration in Sophos Central.

I´ll be grateful if you help me.

Best Regards.



This thread was automatically locked due to age.
Parents
  • Hello Arturo Carrillo,

    won't object to GlennSen's suggestion, on the contrary - submitting samples for (assumed) FPs both, if confirmed, assures that they are indeed FPs and eliminates the need for exclusions (potentially for other customers as well).

    As for exclusions (that are, as said, not the best choice of action): It's an ML detection and ML detections explained suggests to allow the application (if I understand correctly).
    Furthermore, might be my eyesight but as far as I can see the path in detection starts with X:\DominioM BI\ and this is not covered by the exclusions shown. This folder is excluded on C: only and the exclusion on X: starts with some other name. Or am I mistaken?

    Christian

  • FormerMember
    0 FormerMember in reply to QC

    ML does respect folder exclusions. Just make sure you have listed ALL the folders and they have the trailing \ to make sure that the endpoint knows its a folder.

Reply Children
No Data