Howto: create a scanning exclusion in sophos central that also works in subfolders

Question

Hi, 
 i am new with sophos and also with sophos central and i am nut sure howto generate a scanning exclusion that also worked for subdirectorys. 
 I have a directory called d:\VmWare inside this are a lot of Subdirs with differen vmware installations. 
 Inside the Threat Protection Policy at the buttom i can add Policy (not global) based exclusion. 
 But the description is, you can exclude a drive, a folder and file. 
 From other vendors o know a option with check mark like "include Subfolders", but i am missing this here. 
 Is there a special syntax to different betwee this both options? 
 Can you please help. 
 Thanks 
 Olaf

jak · Answer

Hi, 
 Excluding: C:\folder\ 
 will exclude all files under C:\folder\ and files in all sub-dirs. Note: you always need a trailing backslash to define a folder exclusion, otherwise you're excluding a non existent file called C:\folder. 
 More info here: 
 http://docs.sophos.com/sophos-cloud/customer-dashboard/help/en-us/webhelp/index.htm#general/ExclusionsVariables.htm#concept_dxh_vsf_pp 
 A good test is to use the Eicar test file. This will help you prove the exclusions are working. http://www.eicar.org/86-0-Intended-use.html 
 You can can copy the eicar string of characters into a .txt file. E.g. eicar.txt, it will not be detected by default as a .txt. If you rename it to .com it will be detected unless of course the file/directory is excluded. 
 Regards, 
 Jak

Gowtham Mani · Answer

Hi Howiedog, 
 The information is available in Sophos Central Admin under the topic Windows Scanning Exclusions: Wildcards and Variables .