Jump to content
Kaspersky Support Forum

Exclude specific network path from scanning

maerler
 Share

Recommended Posts

maerler

maerler

Posted
Posted

We use Kaspersky Endpoint Security (Cloud) version 12.1.0.506 on Windows 10 Clients. I already found an option to disable the scanning of network shares completely (Security settings -> File Threat Protection -> Network drives scan). But that’s not the thing i need - I just want to exclude a specific host or unc path to be excluded.

The background is easy. We have software installed on a server. On each start Endpoint Security checks the executable and other files the software depends on. So the startup is very slow and the performance more than poor.

I already tried to add an exclusion in Advanced -> Threat detection and exclusions -> Trusted applications -> Add a trusted application like this:

Path or path mask to the application
\\hostname\path

I replaced hostname with the ip address but without luck.

Do use the wrong syntax for the unc path?

 

Link to comment
Share on other sites
ElvinE5

ElvinE5

Posted
Posted

Good day

when specifying the path to the application, you must specify the path to the executable file by its location locally (by the path of its location on the server), not by the network path.

For example

C:\Windows\system32\r_server.exe

or

%SystemRoot%\system32\r_server.exe

in the settings exclusion in "Advanced -> Threat detection and exclusions -> Trusted applications " you have examples of writing such rules
 

Спойлер

image.thumb.png.cdc4852c085d41fc7066c06ee139c8a1.png

if you select the specified settings, then the system will not control the actions of the program you specified, this should help with the slow operation of the application.

 

and yes, if you make this exception in a general policy (applied to all devices), it will be applied to all, and if they have the same executable file located on the same path, this exception will be applied to them. if you only want the exception for one server, create a separate policy profile and apply to that server.

Link to comment
Share on other sites
maerler

maerler

Posted
  • Author
Posted

Thanks ElvinE5!

I know how to exclude local applications. These apps run perfectly since they all have locally installed client runtimes.

The Problem is that the executable isn’t on the local file system. It runs directly from the server share (\\hostname\path\example.exe). We already exclude the files on the server itself, but the performance issue is on the client side.

So, there is no other way to exclude an UNC path from scanning except disabling it for all network shares?

Link to comment
Share on other sites
ElvinE5

ElvinE5

Posted
Posted

Unfortunately, I'm afraid it won't work...

in a solution with an internal KSC server (or Cloud Consol, i think), we can try to add this file (your program on the server) to the exclusion from checking by its hash sum

Спойлер

image.thumb.png.e4e784786cf91a2f8c9b8ac1d3e72cbc.png

 

but in the cloud version (the one you use) this functionality is not available.

try contacting technical support through the portal, maybe they will have some solution for you

https://companyaccount.kaspersky.com/account/login

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...