Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Excluding a UNC path from scanning in Deep Security

    • Updated:
    • 26 Nov 2019
    • Product/Version:
    • Deep Security 10.0
    • Deep Security 10.1
    • Deep Security 10.2
    • Deep Security 10.3
    • Deep Security 11.0
    • Deep Security 11.1
    • Deep Security 11.2
    • Deep Security 11.3
    • Deep Security 12.0
    • Platform:
Summary

You can exclude a UNC path from scanning even if “ \\ “ is not a valid entry for network share or UNC path in Deep Security, and not a supported format on the Directory List Properties page of the Deep Security Manager (DSM).

If you have upgraded from a lower version, the existing directory list entries are preserved and will remain in effect, including those with “\\” and “\\ip\”. However, once you are on the new version, you may no longer be able to modify or create a new directory list with “\\” and “\\ip”.

Details
Public

UNC path exclusion cannot be done with Deep Security Virtual Appliance (DSVA) due to the VMware's Thin Driver API in use. The procedure below is for Deep Security Agent (DSA) protected machines only.

Most common environment variables (e.g. ${windir}, ${programfiles}, ${systemroot}) are supported. It is recommended to use the common variables only, and configure other items under Environment Variable Overrides.

To exclude a UNC path from scanning:

A. Create an Environment Variable for the UNC path.

  1. On the DSM console, click the Policies tab and then go to the specific policy (e.g. Windows Antimalware Protection) or the Base policy.
  2. Click Settings in the left panel and then go to the Computer tab.
  3. Under Environment Variable Overrides, click View Environment Variables

    View Environment Variables

  4. Click New.
  5. Provide a variable name and then enter "\\" as the value for all UNC paths, or "\\10.X.X.X\” for a specific UNC path.

    Note that the excluded paths are case-sensitive. Below are some examples:

    • To exclude all UNC paths:

      Name: all_uncpath
      Value: \\

    • To exclude a specific UNC path only:

      Name: unc_path1
      Value: \\10.x.x.x\

    Environment Variable Overrides

  6. Click OK.

B. Add the Environment Variable to the Directory Exclusion list.

  1. On the DSM console, click the Policies tab and then go to the specific policy (e.g. Windows Antimalware Protection) or Base policy.
  2. Click Anti-Malware in the left column.
  3. Click the General tab and then click Edit in the Real-Time Scan Settings section.
  4. Go to the Exclusions tab.
  5. Select Directory List and then click New or Edit Directory List.
  6. Under General tab, provide a name for this directory exclusion list.
  7. In the Directory field, enter the variable you created. For example, “${all_uncpath}” or “${unc_path1}”.

    Exclusions

  8. Click OK.

The specified UNC path/s will now be exempt from scanning.

Premium
Internal
Rating:
Category:
Configure
Solution Id:
1096634
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.