Syntax for file and process exclusions in Forefront Endpoint Protection?

Posted by Massimo on Server Fault See other posts from Server Fault or by Massimo
Published on 2012-10-24T11:03:58Z Indexed on 2012/10/25 17:02 UTC
Read the original article Hit count: 548

Filed under:

sccm

|

ms-forefront

|

system-center

|

ms-forefront-2010

|

sccm-2012

I can't seem to find an official and up-to-date documentation on how to set up file and process exclusions in Forefront Endpoint Protection 2012.

For file types, which of these will work? Are they the same?

ext
.ext
*.ext

What about wildcards?

.e?t
.e*
.*t

For file paths, which wildcards are allowed and how do they work?

C:\path*
C:\path\s*e
C:\path\somef?le
C:\*\somefile
C:\pa*\somefile
C:\pa?h\somefile
*\path
*:\path

For processes, can wildcard be used when specifying the file name? Same syntax as file paths?

Also: I read in this post that, as of October 2009, Real Time Protection ignored wildcards; is this still true for the 2012 version?

© Server Fault or respective owner

Related posts about sccm

SCCM 2007 R2 missing boot.wim files from OSD\Boot folder

as seen on Server Fault - Search for 'Server Fault'
I have just installed SCCM 2007 R2 and when I went to deploy an OS i found that there is a problem with the boot.wim...There isnt one in the osd\ folder on the SCCM server. I then tried to use other WIM files and they all failed with "Error: Errors You can not import this boot image. Only finalized… >>> More
Deploy a Language pack lp.cab for windows 7 ent with SCCM 2007 sp2

as seen on Server Fault - Search for 'Server Fault'
Where and how am I able to add the lp.cab file within SCCM so that I can have the language pack install when Windows 7 and the apps are installed. I want to add it to my task sequence but where is this option available. Thanks >>> More
SCCM 2007 R2 Win 7 Deployment client restarting after WinPE boot

as seen on Server Fault - Search for 'Server Fault'
Hi, I have tried to deploy windows 7 through SCCM, I have it all setup. On the first deployment the PC boots into PXE gets an IP then loads the WinPE. It then shows a starting windows box. The box then disappears and after a few seconds the computer restarts. Any Ideas? Which logs should I be checking I… >>> More
SCCM using an existing WSUS server

as seen on Server Fault - Search for 'Server Fault'
I currently have a WSUS 3.0 sp2 in the environment. I have just installed SCCM r2 sp2 and want it to use the existing wsus server. Is this an option if so doesn anyone know how this is done. I have look in the site settings but it doesnt allow you to choose your wsus server. Am I missing something… >>> More
IUSR account and SCCM 2007 R3 agent

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
I recently started working with SCCM and rolling the agent out with machine having IIS 7.x installed. I ran into issues where the SCCM agent wouldn't install. The errors mostly were 0x80004005 and 1603, another key one I found was Return Value 3 in the SCCM setup log. During… >>> More

Related posts about ms-forefront

Does MS Forefront TMG cache authentication?

as seen on Server Fault - Search for 'Server Fault'
I'm testing a client machine that makes requests to a biztalk server using a forefront machine as a web proxy. Upon first test I put in an invalid name/password into the receive port and received the correct error message (407). Then, I set the correct name/password and everything worked correctly… >>> More
Forefront TMG vs pfSense

as seen on Server Fault - Search for 'Server Fault'
We currently run pfSense with no problems, however we are looking at TMG as it is included in our partner subscription to MS and allows Windows 7 DirectConnect features to our domain for off-site users. I have had a google, but there don't seem to be any comparisons of TMG to pfSense. Anyone have… >>> More
Syntax for file and process exclusions in Forefront Endpoint Protection?

as seen on Server Fault - Search for 'Server Fault'
I can't seem to find an official and up-to-date documentation on how to set up file and process exclusions in Forefront Endpoint Protection 2012. For file types, which of these will work? Are they the same? ext .ext *.ext What about wildcards? .e?t .e* .*t For file paths, which wildcards… >>> More
Forefront UAG vs. Server 2012 Direct Access

as seen on Server Fault - Search for 'Server Fault'
So I'm working on bringing my company into the 21'st century, with virtual servers, active directory, ADFS, SSO etc. Its a huuuuge project, with a future goal of ISO 27001 cerification. The current question is, does the Direct Access role offered by Server 2012 perform the same role as Forefront… >>> More
Forefront TMG 2010: Can you monitor realtime TCP connections and bandwidth on a per-user basis?

as seen on Server Fault - Search for 'Server Fault'
I'm just starting a trial of ForeFront TMG to use as a proxy server. I know I can get a real time activity monitor and filter on a per user basis, but would like to be able to get a real time activity monitor of all users that I can then sort by bandwidth consumed (enabling me to get a view on who… >>> More