Add/Import Exclusions

Specific files, file types or file paths can be excluded from AntiVirus scans. This can be done, for example, where scanning these entities provides no benefit because they are safe but scanning them causes a noticeable performance impact on the endpoint. Exclusions might also be used temporarily in the event of a false positive whereby a clean file gets quarantined incorrectly. Adding an exclusion for this file enables the file to be restored immediately instead of waiting for an updated set of AntiVirus definitions whereby the file will be restored automatically if the false positive has been addressed with that new set of definitions.

You can view a set of recommended exclusions based on application vendor recommendations in the Ivanti Community Article Excluding files, folders and processes from scans. The article includes XML files containing these excludes which can be imported directly into the policy. There is one XML file for core system excludes which should be applied to all endpoints in your environment (subject to your review and acceptance). In addition, there is a Common Application Exclusions XML file which should be edited and applied selectively for any endpoints containing those applications.

Excluding file paths adds risk in that malware can execute from these locations without being scanned. You should minimize the use of file path exclusions to minimize the associated risk.