Endpoint Security exclusions for Data Loss Prevention Endpoint
Last Modified: 2/15/2024
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Endpoint Security exclusions for Data Loss Prevention Endpoint
Technical Articles ID:
KB68520
Last Modified: 2/15/2024 Environment
Data Loss Prevention (DLP) Endpoint 11.x Endpoint Security (ENS) Threat Prevention 10.x Microsoft Windows Defender and all other antivirus applications SummaryThere are some scenarios where you might need to exclude DLP Endpoint content from scans.
Scenario 1: Since DLP is a security application, no other applications must interfere with its processes, especially antivirus. Scenario 2: After you install DLP Endpoint, it's also possible that the antivirus scanner significantly affects your system performance. This article contains a list of DLP Endpoint processes and folders that can be excluded from the ENS scan. For other antivirus and monitoring applications, consult with your application support. DLP Endpoint processes to exclude: Create an on-access scanner low-risk process exclusion for the following DLP Endpoint processes. Disable scanning when writing to or reading from disk.
DLP Endpoint folders to exclude:
On the same on-access scan policy, create a low-risk exclusion for the following DLP Endpoint folders (including subfolders): DLP Endpoint for Mac folders to exclude: Create an exclusion for the following DLP Endpoint for Mac folders: How to configure exclusions in ENS: When you configure exclusions, always apply the principle that the more precise the exclusion, the smaller the potential security risk. For instructions to configure exclusions, see the Preventing Threat Prevention from blocking trusted programs, networks, and services section in the Endpoint Security Threat Prevention Product Guide. Affected ProductsLanguages:This article is available in the following languages: |
|