Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
We'd love to hear about it! Click here to go to the product suggestion community
Disclaimer: This information is posted as-is and the content should be referenced at your own risk
This article describes how to exclude an application from Exploit mitigations on the below platforms:
We will cover how to exclude 'known' applications (applications that the Sophos Endpoint detects as installed business applications) and 'unknown' applications (applications that are not categorised by the Sophos Endpoint as business applications but may still require exclusion).
Please note: Sophos does not suggest excluding any applications from any of our protection methods unless the application is fully trusted by the customer. Customers excluding applications do so at their own risk.
For further information on exclusions methods for Cryptoguard please see this article.
The following sections are covered:
Applies to the following Sophos products and versionsSophos Central AdminEnterprise Console 5.5.1Central Endpoint Intercept X 2.0.14Exploit PreventionCentral Server Intercept X 2.0.8
Please note that Exploit Mitigation exclusions in Sophos Central are applied to your whole estate once they are saved.
This method can be used to exclude a particular application after a detection has been raised against it in Sophos Central:
5. After you have made your selection click 'Exclude' to save your changes.
6. The exclusion will now be in place
If a detection has not been raised for an application but it has been identified that a particular application needs to be excluded from a particular mitigation you can set this up in Sophos Central.
This method is useful if you have an application that either reports a large number of unexpected exploit mitigation detections or suffers from performance issues when the exploit mitigation functionality is active.
This method is useful if you have a business application that is not categorised by the Sophos Endpoint as a common business application but still suffers from issues when the Exploit Mitigation functionality is enabled.
Have an idea or suggestion regarding our Documentation, Knowledgebase, or Videos? Please visit our User Assistance forum on the Community to share your idea!