Manage Global Policy File Exclusions

To avoid scanning every single file and directory on the computer when running a data-based scan (PAN, PCI and PAN, Data Discovery and Data Breach Risk) Global Policy Exclusions can be set up.

Manage Exclusions through Policies

  1. On the All Devices view, go to Settings > Risk Intelligence > Policy.
  2. Select New to add a Policy or select an existing policy and then select Edit.
  3. Go to General and configure the Global Policy File Exclusions:
    • To add a new exclusion to the list click Add enter the exclusion string then Save.
    • To edit an exclusion, highlight the exclusion in the list. Click on Edit update the exclusion string then Save.
    • To delete an exclusion, highlight the exclusion in the list then click Remove.

All future scans will now exclude the specified files and directory strings.

Exclusions added to the Global Policy apply across your Risk Intelligence account. They are not policy specific.

Add Custom Exclusions from the Data Breach Risk Report

In addition to the Global Policy File Exclusions dialog, exclusions may be added for discovered files when viewing the Data Breach Risk Report in the Risk Intelligence dashboard.

  1. Navigate to the Unprotected Data Details section in the data-based scan report (PAN, PCI and PAN, Data Discovery and Data Breach Risk).
  2. Click the Expand to list all discovered files containing unprotected data along with their location.
  3. To add an exclusion for a discovered file,
  4. To add an exclusion based on a current file, click the expand button against the
  5. Expand to list all files containing unprotected data along with their location:
    1. Expand all rows to view all of the information they contain.
    2. Click the expand (>) against an individual entry.
  6. Edit Exclusion List to add any of these files to the exclusion list:
    1. View Global Exclusion List to see the current list (these are edited in a Policy's Account Settings)
    2. Select a discovered file and click the Exclude button against the entry.
  7. Where a file was added in error you can either Remove Exclusion or Cancel Changes to exit out of the dialog.
  8. Save Changes to apply.

risk_intelligence_exclude_report

General Exclusion Rules

The following rules apply to custom exclusions:

  • Exclusions must use forward slashes in paths
  • Exclusions are case sensitive
  • Supported wildcards are *,** and *.*
Extension type Description Entered exclusoin Excludes (matches)  

File pattern with immediate parent directory

Excludes all files with a specific parent directory

**/private/*.*

c:\private\file.xml

c:\temp\private\file.xml

/Volumes/private/file.xml

c:\private\temp\file.xml

c:\temp\private\temp\file.xml

/Volumes/private/temp/file.xml

Directory with wildcard exclusion

Excludes all files with a specific parent directory starting with the entered name

**/PRIVATE*/*.*

c:\PRIVATE_1\file.xml

c:\temp\PRIVATE_2\file.xml

/Volumes/PRIVATE_3/file.xml

c:\PRIVATE_1\temp\file.xml

c:\temp\PRIVATE_2\temp\file.xml

/Volumes/PRIVATE_3/temp/file.xml

Directory and subdirectory exclusion

Excludes all files and directories in a directory.

**/temp/**

c:\temp\folder\sub\file.xml

c:\folder\sub\directory\temp\sub1\sub2\file.txt

/Volumes/directory/temp/sub/file.xml

c:\temp1\folder\sub\file.xml

c:\folder\sub\directory\temp1\sub1\sub2\file.txt

/Volumes/directory/temp1/sub/file.xml

Single file

Excludes the specified file

c:/temp/text.txt

C:\temp\text.txt

-

Global file exclusion

Exclude all files with the specified extension.

*.txt

all .txt files

-

What do you want to do?