Scribd
Upload
545 views9 pages

Deep Security Server Files and Files Path Exclusion

Deep Security allows you to exclude files, file paths, processes, and ports from antivirus and firewall protection through policy rules. You can create exclusions by editing the anti-malware settings in a computer's policy details. Similarly, you can create firewall rules to allow or deny specific traffic by source, destination, protocol, and more. For example, a rule can be created to block ping requests from a client to a server. Web reputation rules can also be used to allow or block URLs based on their reputation.

Uploaded by

arghasree9582
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
545 views9 pages

Deep Security Server Files and Files Path Exclusion

Deep Security allows you to exclude files, file paths, processes, and ports from antivirus and firewall protection through policy rules. You can create exclusions by editing the anti-malware settings in a computer's policy details. Similarly, you can create firewall rules to allow or deny specific traffic by source, destination, protocol, and more. For example, a rule can be created to block ping requests from a client to a server. Web reputation rules can also be used to allow or block URLs based on their reputation.

Uploaded by

arghasree9582
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

From Deep Security server files and files path exclusion:

In order to exclude file, file path or Process please go to the Computer:

Now From the left panel select the Group or the computer you would like to enforce the policy & from
the right side select the computer to press the “details” to open the policy
After opening the policy, select the anti-malware from the right under overview & press the edit option
as per the below image

Once the new windows opened, go to the exclusion


As portrayed, please mark the directory list in order to create a new directory list exclusion

On the new directory list property page, give it a name & description & under directory box, type the
directory path & press ok
Do the rest such as file or process exclusion as above.

In order to allow ports from AV firewall,from the Deep Security console go to computers

Go to policies then select Rules-Firewall rules-

In order to create new rule select new


As an example get the name of the new rule (TEST) and fill the tabs under General information:

Let’s have an example, we have created a FW rules to block Ping (ICMP) from One Client ([Link])
to Server ([Link])

In order to do that, please do the following:

 Under Action select the Deny from the drop down menu
 Under Priority choose Normal or any severity based on requirement
 Since we are going to block ping from client to server as in one direction so Choose the
“Outgoing” under packet direction
 Frame type & Protocol Would be IP & ICMP
 At the Packet source type a single IP([Link]).Mack & port to be left as default
 Under Packet Destination Type the server IP ([Link]). At the end Press apply & OK
As you can see, Ping from client to server is not working, Although rest of communication toward the
server is OK as portrayed in second image

In order to block URL do the following:

Based on URL reputation you can increase the security level


Allow the url as per below

Block the url as per below


As an example we have blocked the [Link] through Web reputation & allowed the Google .com
As you can see the following page [Link] has been blocked by Deep security

You might also like