Sophos Exclusion Questions

According to Sophos KB-000035264  support.sophos.com/.../KB-000035264 it states the following "By default, Sophos Central automatically uses vendor-recommended exclusions for certain widely-used applications. You can also set up your own exclusions in your policy." I have servers that should be detected and added in their vendor-recommended exclusions as they are on the list. If I go to Overview > Devices > Servers and then click on the server  and then go to Exclusions. If  filter to the Exclusions added automatically I don't see anything in there. If I go to All Exclusions then I do see the list that I added in there. 

1. If you add Global exclusions does that prevent the auto added exclusions from happening?

2. If those auto added exclusions don't appear in there then do I manually have to add them?

3. Is there a way to import an exclusion list rather than manually having to do every single one?

Thanks



Added TAGs
[edited by: Qoosh at 7:06 PM (GMT -8) on 18 Jan 2022]
Parents Reply Children
  • As advised by our Sr. Engineer on the case that you've provided.  It's been mentioned there that, When Sophos is on the device, our product will look into the registry for specific components for these servers.
    Just installing SQL for example does not trigger an automatic addition to the exclusions.
    Some components of SQL will create registry keys, which if Sophos sees, will go "ah, here's a thing that requires this specific exclusion!" and will then automatically create the related exclusion. If these SQL components are never installed, then Sophos won’t create any exclusion

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer | Global Community and Digital Customer Support
    Connect, Engage, Earn Rewards - Join the Sophos Community