
WebAdmin bad behavior when configuring Endpoint Protection Antivirus File/Folders Exceptions

Greetings, I'm having problems when trying to configure the UTM Endpoint Protection Antivirus Exceptions to protect an Exchange 2013 server.

Exchange requires a sizable list of exclusions.

When I try to enter the file/folder exceptions, the UTM UI comes back with unexpected results.

Why is it doing this?

This is UTM 9.407-3, with the home license.

Here's a screencap of a newly-entered file/path exclusion:

 

And here's how that exclusion appears after clicking Save. Note the path!

 

And then if I click edit ...



  • Hi,

    I will take a guess that your delimiters are seen as control or similar characters and maybe need to be enclosed in quotes or similar.

    I don't see any way of the UTM configuration identifying your E folder as being part of your exchange server?

    Please check the UTM knowledgebase for detailed instructions.

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Thanks!

    The online documentation says this: File/folders: If selected, you can exclude a file, a folder, or a network drive from antivirus scanning. Enter the file, folder, or network drive in the File/Path field, e.g., C:\Documents\ or \\Server\Users\Documents\CV.doc.  I tried that and ended up with the results shown in the OP.

    There doesn't seem to be anything in the Knowledge Base which covers this situation. I scanned through several dozen articles and read the titles of more than a hundred.

    Going with your suggestion, I took the path of "E:\01a-DB\01a-DB\01a-DB", shortened it to "\01a-DB\01a-DB\01a-DB" and saved the exception. Same results.

    I wonder if anyone from Sophos will join the discussion .... ?

     

  • Hi,

    Normally Sophos staff don't join the discussions, more than likely a more knowledgeable forum member will add their expertise.

    I can't see how the UTM can exclude a drive on a server from anti-virus scanning, the UTM scans the packets as they pass through the UTM not the destination.

    If you are configuring endpoint management on the UTM that is a different story, but you haven't specified that in your thread description.

    I would recommend you change your thread title so that it reflects the issue and ask for assistance in configuring the endpoint exclusions for a mail server.

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Hello TimothyTrace,

    don't think it's the drive letter. Here are strings I'd try (just for narrowing down): E:\0a\1b\2c\3d\4e\5f\6g\7h\8i\9j\ZZ\ and E:\01\0f\0g\01g

    Christian

  • rfcat_vk said:
    If you are configuring endpoint management on the UTM that is a different story, but you haven't specified that in your thread description.

    Thanks. This topic is in the Endpoint Protection forum.

  • Nice. It seems that \0(anything) causes WebAdmin to drop the backslash and the zero.

    Looks like I'll have to change my database paths and filenames to avoid this bug.

    Question: If Sophos employees don't monitor this forum, what's the correct way for me to advise them of this problem? After all, I'm using a complimentary license. I wouldn't blame them for being unresponsive to my concerns.

    If they were listening, I'd feature-request bulk imports of exceptions to handle these types of situations, or good documentation on how to script it through the CLI.

    Thanks to everyone for the help.
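
A pre-check for a planned exclusion list, added here as an example; it is not part of any poster's message and not Sophos code. `predicted_saved_value` models the observation above that `\0` is dropped, which is an assumption, and all function names and the sample list are constructed for illustration.

```python
import re

# Constructed sample list: paths quoted in this thread plus the two
# examples from the documentation excerpt.
PLANNED_EXCLUSIONS = r"""
E:\01a-DB\01a-DB\01a-DB
E:\01\0f\0g\01g
E:\0a\1b\2c\3d\4e\5f\6g\7h\8i\9j\ZZ\
C:\Documents\
\\Server\Users\Documents\CV.doc
""".strip().splitlines()


def affected_components(path):
    """Path components that start with '0' directly after a backslash."""
    return [m.group(1) for m in re.finditer(r"\\(0[^\\]*)", path)]


def predicted_saved_value(path):
    """Assumption from the thread: every backslash-zero pair is dropped."""
    return path.replace("\\0", "")


def audit(paths):
    """Map each exclusion the reported behaviour would alter to a report."""
    findings = {}
    for path in paths:
        hits = affected_components(path)
        if hits:
            findings[path] = {
                "rename": hits,
                "predicted": predicted_saved_value(path),
            }
    return findings


def round_trip_mismatches(entered, displayed):
    """Compare what was typed with what WebAdmin shows after Save."""
    return [(e, d) for e, d in zip(entered, displayed) if e != d]


if __name__ == "__main__":
    for path, report in audit(PLANNED_EXCLUSIONS).items():
        print(f"{path}\n  components to rename: {report['rename']}"
              f"\n  predicted stored value: {report['predicted']}")
```

An exclusion that is stored differently from what was typed no longer matches the intended folder, so `round_trip_mismatches` is worth running on the values WebAdmin displays after Save even for paths the audit does not flag.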
