This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WebAdmin bad behavoir when configuring Endpoint Protection Antivirus File/Folders Exceptions

Greetings, I'm having problems when trying to configure the UTM Endpoint Protection Antivirus Exceptions to protect an Exchange 2013 server.

Exchange requires a sizable list of exclusions.

When I try to enter the file/folder exceptions, the UTM UI comes back with unexpected results.

Why is it doing this?

This is UTM 9.407-3, with the home license.

Here's a screencap of a newly-entered file/path exclusion:

 

And here's how that exclusion appears after clicking Save. Note the path!

 

And then if I click edit ...



This thread was automatically locked due to age.
Parents
  • Hi,

    I will take a guess that your delimiters are seen as control or similar characters and maybe need to be enclosed in quotes or similar.

    I don't see any way of the UTM configuration identifying your E folder as being part of your exchange server?

    Please check the UTM knowledgebase for detailed instructions.

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Thanks!

    The online documentation says this: File/folders: If selected, you can exclude a file, a folder, or a network drive from antivirus scanning. Enter the file, folder, or network drive in the File/Path field, e.g., C:\Documents\ or \\Server\Users\Documents\CV.doc.  I tried that and ended up with the results shown in the OP.

    There doesn't seem to be anything in the Knowledge Base which covers this situation. I scanned through several dozen articles and read the titles of more than a hundred.

    Going with your suggestion, I took the path of "E:\01a-DB\01a-DB\01a-DB", shortened it to "\01a-DB\01a-DB\01a-DB" and saved the exception. Same results.

    I wonder if anyone from Sophos will join the discussion .... ?

     

  • Hi,

    Normally Sophos staff don't join the discussions, more than likely a more knowledgeable forum member will add their expertise.

    I can't see how the UTM can exclude a drive on a server from anti-virus scanning, the UTM scans the packets as they pass through the UTM not the destination.

    If you are configuring endpoint management on the UTM that is a different story, but you haven't specified that in your thread description.

    I would recommend you change you thread title so the it reflects the issue and ask for assistance in configuring the end point exclusions for a mail server.

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hello TimothyTrace,

    don't think it's the drive letter. Here are strings I'd try (just for narrowing down): E:\0a\1b\2c\3d\4e\5f\6g\7h\8i\9j\ZZ\ and E:\01\0f\0g\01g

    Christian

Reply Children