Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 8695 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Antivirus Exclusions and how to test they are working

jb111

Hi all.  It has occured to me Sophos has been providing lists of settings for years (ie: Exchange, SQL, Domain controllers, etc...).  Shouldnt there be templates that you can simply import instead of manually entering 2-4 pages worth of exclusions?  The chance for error is high, especially when you have multiple Microsoft technologies.  Furthermore, how would one even know that an exclusion has been applied other than trusting what the console and client AV gui says?  Sorry if I am sounding negative.  I have been receiving lots of pushback vs Sophos lately.  Much thanks.  JB

:53557


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    This sounds promising:

    http://www.sophos.com/en-us/support/knowledgebase/120687.aspx

    "We've made it even easier to get started with servers by creating automatic exemptions. Your servers should just work."

    When questioned, this will extend to server roles such as Exchange, SQL, with a data feed aproach for adding new applications over time.  Might be worth getting a trial of Sophos Cloud in the next couple of weeks to expermiment.

    To test an exclusion, using Eicar (http://www.eicar.org/85-0-Download.html) is one option. Remember you may need to turn off on-access, move it to the exclusion location and enable on-acess again to test.

    At least with SEC 5 I think it was, you can import and export a list of exclusions in the AV policy.

    Regards,

    Jak

    :53561
Reply
  • 0

    Hi,

    This sounds promising:

    http://www.sophos.com/en-us/support/knowledgebase/120687.aspx

    "We've made it even easier to get started with servers by creating automatic exemptions. Your servers should just work."

    When questioned, this will extend to server roles such as Exchange, SQL, with a data feed aproach for adding new applications over time.  Might be worth getting a trial of Sophos Cloud in the next couple of weeks to expermiment.

    To test an exclusion, using Eicar (http://www.eicar.org/85-0-Download.html) is one option. Remember you may need to turn off on-access, move it to the exclusion location and enable on-acess again to test.

    At least with SEC 5 I think it was, you can import and export a list of exclusions in the AV policy.

    Regards,

    Jak

    :53561
Children
No Data