Exclude Files and File Paths from Scans

Applies To: WatchGuard Advanced EPDR This topic applies to the WatchGuard Advanced EPDR endpoint security product., WatchGuard EPDR This topic applies to the WatchGuard EPDR endpoint security product., WatchGuard EDR This topic applies to the WatchGuard EDR endpoint security product., WatchGuard EPP This topic applies to the WatchGuard EPP endpoint security product., WatchGuard EDR Core This topic applies to the WatchGuard EDR Core, available in the Total Security Suite license.

Settings vary for WatchGuard Advanced EPDR, EPDR, EDR, EDR Core, and EPP. Throughout this documentation, WatchGuard Endpoint Security refers generally to all products. If you do not have a setting in the Endpoint Security management UI, it is not supported by your product.

In the General settings of a workstations and servers settings profile, you can exclude files and paths from scans. Exclusions can be used when you have compatibility or performance issues and want to troubleshoot the issue. WatchGuard Endpoint Security does not block, delete, or disinfect excluded items when it scans for malware. Exclusions disable antivirus and advanced protection for the specified files and file paths. We recommend that you only exclude files and paths to resolve performance problems.

To run a unclassified program, such as an uncommon program with few users, you do not have to add an exclusion. To unblock an unclassified program, add it to the Authorized Software list. For more information, go to Configure Authorized Software Settings (Windows Computers).

Inherited Exclusions

By default, you cannot edit or delete the workstations and servers settings inherited from your Service Provider. If the Service Provider configured scan exclusions to be editable, the setting profile shows the label, Editable Exclusions. You can add exclusions but you cannot delete or edit the list of exclusions defined by the Service Provider.

If your Service Provider changes the status of the settings from editable to non-editable, the exclusions you added no longer apply. Only the exclusions from the Service Provider apply. If the Service Provider changes the configuration again to be editable, then the exclusions you previously added are restored and applied.

Configure Scan Exclusions

To configure scan exclusions:

1. In WatchGuard Cloud, select Configure > Endpoints.
2. Select Settings.
3. From the left pane, select Workstations and Servers.
4. Select an existing security settings profile to edit, copy an existing profile, or in the upper-right corner of the page, click Add to create a new profile.
   The Add Settings or Edit Settings page opens.
5. Enter a Name and Description for the profile, if required.
6. Select General.

7. To exclude all files with specific extensions, in the Files and Paths Excluded from Scans section, in the Extensions text box, type file extensions, separated by commas.
   For example, exe, com.
8. To exclude a specific file, in the Files text box, type the file name and path to exclude.
   For example, C:\windows\system32\filename.dll. Separate multiple entries with commas.
9. To exclude all files in a specific location, in the Folders text box, type a folder path.
   For example, C:\windows\system32 , \\192.168.21.23\test, and %ProgramFiles%\Test.
10. To exclude email attachments with specific file extensions, in the Extensions text box, type the file extensions for an attachment, separated by commas.
    For example, exe.
11. Click Save.
12. Select the profile and assign recipients, if required.
    For more information, go to Assign a Settings Profile.

Related Topics

Create Exclusions in WatchGuard Endpoint Security

Manage Settings Profiles

Copy a Settings Profile

Edit a Settings Profile

Assign a Settings Profile

Configure Workstations and Servers Security Settings