AMP Exclusions "Network Location"

kurt.westenhoefer@denbury.com · ‎05-04-2018

Can a network share or a file on a network share be added to exclusions? If so, what is the syntax?

I have an .exe on a share that I have whitelisted, but it still gets caught by AMP from time to time. (by Tetra per tech support) They said it is a bug and to either disable Tetra or Exclude all UNC paths. That is not a good solution for me. I only have this issue with a couple EXE files on this one share because this one app is launched from the network share. Thanks in advance.

comunicaciones · ‎01-22-2019

Hi ,

Have you find the solution?

Regards,

kurt.westenhoefer@denbury.com · ‎01-22-2019

I have not found a solution.

Chris Staples · ‎01-28-2019

Hello,

I have the same issue where AMP ignores the Exclusion I have setup for an .exe that runs from a network file share. I have tried several variations and still have the issue. I have Tetra disabled, we are using Symantec Endpoint Protection for our AV.

I have tried using CSIDL_NETWORK and file path, the drive letter with file path, and the newest one I'm testing is a wildcard *\part of file path\.*exe

Please let me know if someone finds a solution.

Thank you!!

Matthew Franks · ‎01-28-2019

Are you using a process exclusion or a path exclusion? If you're using a path exclusion, AMP will still monitor the execution of that process when it launches. If the process exclusion is not successful, I recommend opening a TAC case so they can take a closer look at the logs to see what is happening with the .exe.

Thanks,

Matt