Solved: Silencing Alerts on Whitelisted Apps

lee.ross · ‎12-02-2016

We have a developer who uses a custom app that AMP triggers on. At first we whitelisted the app. That didn't work however as the exe is constantly morphing (probably why amp hates it). So eventually we added his system to the Audit group. This works but the end user is still receiving pop up alerts on his desktop. I have 2 questions, 1st) is there a way to silence these alerts? 2nd) Is there a way to create a custom filter so by default the events in the dashboard wont show hits on whitelisted files / folders?

Thanks for your help

Lee

Employbridge

Matthew Franks · ‎12-02-2016

Instead of whitelisting this file, you should exclude it. The whitelist is only going to prevent a quarantine but the file will still be scanned. If you exclude it, it will not be scanned and no alerts will trigger. This will allow you to maintain the Protect policy on the machine and still avoid the alerts for this custom application.

View solution in original post

Matthew Franks · ‎12-02-2016

Instead of whitelisting this file, you should exclude it. The whitelist is only going to prevent a quarantine but the file will still be scanned. If you exclude it, it will not be scanned and no alerts will trigger. This will allow you to maintain the Protect policy on the machine and still avoid the alerts for this custom application.

lee.ross · ‎12-02-2016

Thanks Mathew for your quick response. I have implemented your suggestion and am awaiting end user feedback. I will update asap.

Thanks

Lee

lee.ross · ‎12-05-2016

Thanks for your help Mathew, Created a policy and group and thru the system in the group.

Works like a charm.

Lee

Matthew Franks · ‎12-05-2016

You're welcome!