How to exclude files or folders from Real-Time scanning in Policy Manager

This article applies to the following F-Secure products: Policy Manager, Client Security, and Server Security

If you want to exclude files or folders from being scanned by Real-Time scanning, follow these steps:

In the Standard view

Select Root under Domain tree.
Go to the Settings tab, and select the Real-time scanning page.
Select what kind of exclusions you want to implement.
- Exclude files based on their file extension:
  1. Select Do not scan files with the following extensions.
  2. Enter the extension in Excluded extensions.
    Note: The extensions should be added without the preceding . (dot). Separate multiple extensions with spaces.
- Exclude files based on their location or checksum (hash):
  1. Select Do not scan the following files and applications.
  2. Click Add.
  3. Select the identification method.
    - Select File path if the file that you want to exclude always uses the same path.
    - Select Folder path if you want to exclude all files in a specific folder.
    - Select Application SHA-1 if the path for the file that you want to exclude may vary across different hosts.
  4. Enter the path or hash that you want to exclude from scanning. For example:
    - File name: text.txt (this excludes all files named text.txt from scanning).
    - Full file path: C:\test\text.txt (excludes the specific text.txt file in the C:\test folder from scanning).
    - Folder path: C:\test (excludes all contents in the C:\test folder from scanning).
    You can also add a comment if you want to keep a record of why the file or application was excluded.
  Note:
  DeepGuard supports exclusions configured for real-time protection; however, there are the following exceptions:
  - Wildcards are not supported,
  - Device names are not supported; use standard paths with drive letters.
Click OK.
If you want to allow users to exclude files or applications from scanning, select Allow users to add scanning exclusions.
Distribute the policies.

An example of the Policy Manager UI in Standard view

The new entry should appear in the target machine(s) in the different products as follows:

In Client Security 14 and Server Security 14: In the Excluded tab; and in Type, it should read Controlled by admin.
In Client Security 13: In the Exclude from scanning window, and listed in the Objects tab.
In Server Security 12: In the Exclude from scanning window, and listed in the Objects tab. This appears when you click Configure on the Real-time scanning page.