Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 2831 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Windows Folder Exclusions

Cameron Hynd

Hi,

I have setup windows folder exclusions on my Sophos endpoint policies (both for on demand an on access scanning) which have been rolled out fine. I can confirm that the exclusion format is "D:\folder\" as required.

However, when I start a scan, I notice that the folder in which I have excluded looks to be getting scanned? I read in a previous post from 2013 that Sophos doesn't actually exclude scanning folders but rather treats anything it does find within the exclusion list differently.

I would expect the scan progress not to look as if it is scanning the folder I have excluded!

Any further help/clarification would be much appreciated.

 

Regards,
Cameron



This thread was automatically locked due to age.
  • 0

    Hello Cameron,

    don't have a Windows endpoint at hand right now so I can't check the details. Local scans like Scan my computer by default (or mandatory) have a Rootkit Scan as first step. Exclusion settings don't apply to this scan and the progress window displays among others the usual Windows folders.

    But why exclude these folders in the first place (and then for "both" types of scanning)?

    Christian

  • 0 in reply to QC

    Christian,

    Thanks for the reply and you have confirmed my thoughts. It was the rootkit scan that was running at the start where I noticed the folder I had excluded.

    I am excluding these folders as they are causing our document management system to hang at certain points when it is running it's daily scan. I wanted to exclude to confirm that was the case.

    Thanks for helping out.

  • 0 in reply to Cameron Hynd

    Hello Cameron (sorry for your mangled name in the unedited version of my previous post),

    when it is running it's daily scan
    you mean your DMS hangs when a daily scan by Sophos is run? But then, what would your DMS have to do with Windows folders (or does Windows just indicate the platform)? Hangs are rare, normally there can be performance issues or errors due to timouts and timing problems. I'd expect hangs caused by scanning only in applications which "dig deeper" (i.e. do not only rely on usual file system operations).

    Christian

Unfiltered HTML