Configuring Exception Lists

You can configure a Shavlik Protect Agent policy to never allow specific files, to always allow specific files, and to always allow specific folders. You do this using the Exceptions tab. The items you define here affect Active Protection and any threat tasks you may have defined in the policy.

Always Allow List

Files you specify in this list will always be allowed to run on the agent machines. Folders you specify in this list will be ignored when the program is searching for threats.

Important! There is one exception. If a user adds the same item to their individual Never allow list using the agent client program, the item will not be allowed.

Note: You can also add files to the Always allow list from the Manage Quarantine dialog.

Never Allow List

Files you specify in the Never allow list will always be blocked and quarantined on the agent machines. This list will override any entries the end users may make in their individual Always allow lists using the agent client program.

Caution! Be careful not to specify any critical programs that may be needed.

To add a file or a folder to a list

  1. Choose the type of list item you want to add (Never allow files, Always allow files, or Always allow folders (recursive)).

  2. Click in the File name or pattern box and type a specific file name, a specific folder name, or a file\folder pattern.

You can use the * and ? wildcard characters when specifying names and patterns. For complete details see Exception List Examples.

  1. Click Add.

The file or folder is added to the appropriate list.

 

    Delete

Removes the selected item(s) or the selected list.

Modify

Removes the selected item from the list and allows you to edit the item within the File name or pattern box. To return the corrected item to the list, click Add.

Always Allow

Moves the selected item(s) to the Always allow list.

Never Allow

Moves the selected item(s) to the Never allow list.

Save and update Agents

Saves all changes to the policy file and stores it on the console. Also updates any agent machines that are currently assigned this policy as follows:

  • If an agent machine is online and configured to listen for policy updates, the updated policy will be pushed out to that machine immediately.

  • If an agent machine is online but is not configured to listen for policy updates, the updated policy will be pushed out the next time the agent checks in with the console.

  • If an agent machine is not currently online, the updated policy will be pushed out the next time the agent checks in with the console.

The Agent Policy Editor will be closed.

Cancel

Indicates you want to exit the Agent Policy Editor without saving your most recent changes. A "Do you want to save your changes?" prompt will appear that gives you a second chance to save your changes. If you click Yes the policy will be saved and the associated agents updated (the same as Save and update Agents).  If you click No the Agent Policy Editor will be closed without saving your changes.