How to Configure Exclusions for Security Manager - AV Defender
Tue Jun 16 08:49 GMT 2020
- This article provides information on configuring AV Defender exclusions
- When planning system scans, exclusions should be added to folders, processes, and paths for programs that you do not want to be scanned
- You can configure AV Defender to exclude folders, files, and file types from the On Access, On Demand, or Scheduled scans.
- N-able N-central
- AV Defender
- AV Defender exclusions can be defined at three levels:
- SO Level > Configuration > Security Manager > Global Exclusions
- Customer Level > Configuration > Security Manager > Global Exclusions
- AV Defender Profile > General Settings > Exclusions
- Within the process section you can define exclusions for processes.
- To exclude a process, the path and process name should be explicitly defined with no wildcards (but you CAN use environment variables here):
- For example: C:\Program Files\process.exe
- When creating a process exclusion you will also need to create a file exclusion for the same file.
- Within the File/Folder section you can define exclusions for files, folders and file extensions.
- To exclude a file, the full path should be provided:
- For example: C:\Users\Administrator\Documents\file.txt.
- To exclude a folder, the full path should be provided including its trailing backslash.
- Doing so would exclude all files in the folder and sub-folders:
- For example: C:\Users\Administrator\Documents\
- To exclude an extension, there should be no preceding dots or period and the exclusion should be separated from each extension:
- For example: xlsm or docm.
- Within the Network Scan section you can define exclusions for IPs, URL and Applications.
- To exclude an IP, enter in the desired IP address, which also supports wildcards:
- For example: 192.168.0.*
- To exclude a URL enter in the url including the correct protocol i.e. http/https.
- Wildcards are supported, which are recommended as some sites have re-directs which you will also need to exclude:
- For example: https://*n-able.com/*
- To exclude an application you can use wildcards so it's not required to use the path.
- This only works with the firewall module
- Each exclusion can only include one item - you cannot concatenate multiple items in the same exclusion.
- Exclusions can be enable or disabled under the Agent Attempted Action and you cannot delete defaults.
- SO Global Exclusions cannot be enabled or disabled under the customer level global exclusions.
- Exclusions for UNC Paths (\\server\folder\) must be added in two places:
- File/Folder tab (as type of Folder)
- Network Scan tab (as type of URL, and with a trailing asterisk (eg: \\server\folder\*))
- While not necessarily a requirement, it's a good idea to ensure that the server is designated as a static IP to help rule out any DNS issues when AV Defender attempts to validate the path prior to applying the exclusion