This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WebAdmin bad behavoir when configuring Endpoint Protection Antivirus File/Folders Exceptions

Greetings, I'm having problems when trying to configure the UTM Endpoint Protection Antivirus Exceptions to protect an Exchange 2013 server.

Exchange requires a sizable list of exclusions.

When I try to enter the file/folder exceptions, the UTM UI comes back with unexpected results.

Why is it doing this?

This is UTM 9.407-3, with the home license.

Here's a screencap of a newly-entered file/path exclusion:

 

And here's how that exclusion appears after clicking Save. Note the path!

 

And then if I click edit ...



This thread was automatically locked due to age.
Parents
  • Hello TimothyTrace,

    I'm not a UTM guy 'twas just Exclusion ...bugs? which caught my attention.
    As said I'm not familiar with the UTM UI (but at least with AV exclusions). Wonder if it's the \0 combination as the backslash should generally work. So just to test please try a path with characters other than 0 after the backslash (I know, this is not what you need but ...). Maybe just the \0 gets eaten, maybe others as well. I'd also check what's in the computer's AV settings - whether it's the slashless path or not.
    Unlikely but I've seen similar bugs it could be that the \0 is misinterpreted when it's read back for display in the GUI but correct in the policy.   

    Christian

    P.S. and BTW: Even as the KB article says must the exclusions are not necessarily necessary (forgive the bad pun). We have without problems none of them in place for our Exchange servers.

  • QC said:
    the exclusions are not necessarily necessary....We have without problems none of them in place for our Exchange servers.

    I'm not as brave as you. Microsoft cares enough to publish *and recently update* a TN article with strong words like "must," and I won't risk my reputation or financial income by ignoring them.

    Like I said, I've got first-hand experience with Exchange logfile damage from file-system real-time AV. The recovery was painful enough that I won't ever risk it again.

Reply
  • QC said:
    the exclusions are not necessarily necessary....We have without problems none of them in place for our Exchange servers.

    I'm not as brave as you. Microsoft cares enough to publish *and recently update* a TN article with strong words like "must," and I won't risk my reputation or financial income by ignoring them.

    Like I said, I've got first-hand experience with Exchange logfile damage from file-system real-time AV. The recovery was painful enough that I won't ever risk it again.

Children
No Data