This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Global folder exclusions and PUA's

We are rolling out Sophos on our servers.

One server holds the software repository with company software installers and a lot of tooling for us sysadmins.

As one can guess, Sophos detects several PUA's, like Nirsoft apps, TightVNC, a.s.o.

We and Sophos seem to have a disagreement in what is a PUA.

Now I excluded the drive:\path where those tool apps reside in a custom Threat protection policy and still I cannot access the files and new POA alerts are generated.
I did a lot of searching, but cannot confirm that PUA's and folder exclusions are two different things, what is seems to be.
Also, excluding a single PUA every time is not an option. So if I can't solve this, Sophos cannot run on that server.

I want Sophos to leave that drive:\folder alone and not detect anything.
The share is used by sysadmins and everything put there has already been scanned by clients.

How can I solve this?

Regards,

Han



This thread was automatically locked due to age.
Parents Reply Children
No Data