nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

How to create a DeepGuard exclusion for Elements Endpoint Protection?

Issue:

How to exclude a file, folder or application that is incorrectly blocked by Elements Endpoint Protection (EPP for Computers or EPP for Servers) DeepGuard feature?

Resolution:

If a file, that you are sure to be safe, is being blocked by DeepGuard, you can exclude a file or folder from all security measures by following these steps:

Log in to the Elements Security Center: https://elements.withsecure.com
Navigate to the Server Configuration > Profiles page
Choose the profile which the device is using
Go to the Scanning settings page
Scroll down to the Global exclusions from all security scans section and click Add exclusion
In the Path field add the:
- Full path for the application if you want to exclude a specific application
- Folder path if you want to exclude a folder and its sub folders
Click Save profile

Note that you can use wildcards when creating the exclusions. For example: C:\Users\*\AppData\Local\test\

This would exclude the AppData\Local\test\ folder and all its sub folders for all users.

If you want to locally on the device itself create the exclusion:

Open the Elements Agent user interface on the device
Go to Settings
Go to the Malware protection settings page
Click view quarantine (enter administrator username and password if needed)
Select the Excluded tab
Click Add new
Add the file path or folder path
Click OK

DeepGuard can also be excluded using the SHA-1 of the process:

Log in to the Elements Security Center portal
Go to the Events > Security events page
Click on the three dots on the right side of the DeepGuard detection
Select Exclude file by SHA1
- The file SHA1 is automatically added to the Global exclusions from all security scans list
Click Save profile

The SHA-1 can also be added manually to the DeepGuard protection rules. Follow the steps below to manually add an SHA-1 exclusion in DeepGuard:

Log in to the Elements Security Center portal
Navigate to the Security configurations > Profiles page
Select the profile you want to add the exclusion to
Go to the Real-time scanning page
Scroll down to DeepGuard settings
Click on Add rule
Fill in the SHA1-hash and a note about the application
Click Save profile

Note: If DeepGuard is blocking software that you see as trusted, it is recommended to report the executable to WithSecure Labs for potential whitelisting: Submitting a file sample | Welcome to WithSecure Elements | Latest | WithSecure User Guides

Article no: 000012390