Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 2 subscribers
  • Views 16914 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

default on-access scan windows exclusions

nikolaj

Hello,

I would like to know if the exclusions in the picture below are put by default by Sophos or instead you must put it.



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Yes, the exclusions in the picture are there by default. In case you need to add any particular exclusion you could do that here.

    Haridoss Sreenivasan
    Technical Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to Haridoss Sreenivasan

    So why in the "Default" policy under "Antivirus and HIPS", none of these entries exist?

  • 0 in reply to nikolaj

    They are not default.  Someone has chosen to add them to your policy.

    Many of the entries on that list aren't scanned by default beyond checking they are not executable anyway.

    I would remove them all and re-enable scanning of remote files.  

    Just follow the article I mention for any specific roles the computers that are using that AV policy.

    *.jar is a concern as you excluding all .jar files from all locations on disk.

    Regards,

    Jak

  • 0 in reply to jak

     "scanning of remote files" means the shares for example?

    .jar by default is scanned and is better leave this way?

  • +1 in reply to nikolaj

    Yes, scanning of a file, say opened by a local process on a remote file share.  E.g. \\server\share\1.exe.

    You would want to scan .jar files.  The only reason you may not is if you had a specific Java application which was suffering performance issues.  Even then, you would exclude files in a specifc location to minimize risk rather than all .jar files on the system.  This might also follow submitting sample files to Support to see if there was a reason there was a performance issue scanning them.

    Regards,

    Jak

Reply
  • +1 in reply to nikolaj

    Yes, scanning of a file, say opened by a local process on a remote file share.  E.g. \\server\share\1.exe.

    You would want to scan .jar files.  The only reason you may not is if you had a specific Java application which was suffering performance issues.  Even then, you would exclude files in a specifc location to minimize risk rather than all .jar files on the system.  This might also follow submitting sample files to Support to see if there was a reason there was a performance issue scanning them.

    Regards,

    Jak

Children
  • 0 in reply to jak

    The only reason you may not is if you had a specific Java application which was suffering performance issues.  

    That is the case.

    Even then, you would exclude files in a specifc location to minimize risk rather than all .jar files on the system.

    I agree with you.

Unfiltered HTML