Exclude DVD installation from AMP

Marius Gunnerud · ‎12-27-2016

I have a DVD installation disk that is being blocked by AMP. Any tips on how to exempt this? I realize that I can exempt the drive, but not I am not sure if all PCs have the same drive number for the DVD / CD drive.

--
Please remember to select a correct answer and rate helpful posts

nspasov · ‎12-30-2016

Hmm, excluding the DVD drive was going to be my first recommendation :)

What exactly is being blocked? Is it a particular .exe/application? If yes, can you create a custom whitelist for it?

Thank you for rating helpful posts!

Thank you for rating helpful posts!

Marius Gunnerud · ‎01-03-2017

I considered white listing the .exe file only, but then decided to do the whole DVD drive as they use a lot of custom programs, and could become a management nightmare if we were to white list on a per file / application basis.

Thanks for the feed back :-)

--
Please remember to select a correct answer and rate helpful posts

nspasov · ‎01-05-2017

Yeah, I know what you mean. Excluding the whole DVD drive is less secure but also less of a headache when compared to whitelisting/blacklisting apps. Ideally, AMP would if/when malware moves from the DVD to the local file share.

Also, I really wish the black/whitelisting functionality is improved. For instance, I would like to say that Java (all Java versions and flavors) are not allowed to run on my DCs. Right now, I have to generate a hash for each version and add it to the list. As a result, the list gets out of control and it is a huge administrative overhead.

Thank you for rating helpful posts!

Thank you for rating helpful posts!