Adding a scan exclusion rule

To add to scan exclusions:

1. In the main window of the program web interface, select the Settings section, Exclusions subsection.
2. Go to the Scan exclusions tab.
3. In the upper-right corner of the program web interface window, click Add.

   This opens the New rule window.

4. In the Criteria drop-down list, select one of the following criteria for adding a rule to the list of scan exclusions:
   • MD5
   • Format
   • URL mask
   • Email recipient
   • Email sender
   • Source address or subnet
   • Destination address or subnet
   • User Agent
5. If you selected Format, select the file format that you want to add from the Value drop-down list.

   For example, you can select the MSOfficeDoc format.

6. If you selected MD5, URL mask, Email recipient, Email sender, Source address or subnet, Destination address or subnet, or User Agent, in the Value field, enter the value of the relevant criterion that you want to add to the list of scan exclusions:
   • If you selected MD5, enter the MD5 hash of the file in the Value field.
   • If you selected URL mask, enter the URL mask in the Value field.

     You can use the following special characters in the mask:

     * – any sequence of characters.

     Example: If you enter *abc* as the mask, the program considers as safe any URL that contains the sequence abc. For example, www.example.com/download_virusabc

     ? – any single character.

     Example: If you enter example_123?.com as the mask, the program considers as safe any URL that contains the given character sequence and any character following 3. For example, example_1234.com

     If the * or ? characters are part of the full URL that you want to add to the list of scan exclusions, use the \ character when entering the URL to escape a single *, ?, or \ character that follows it.

     Example: You need to add the following URL as a trusted address: www.example.com/download_virus/virus.dll?virus_name= You do not want the program to treat ? as a special mask character so you put a \ character before the ? character. The URL added to the list of scan exclusions looks as follows: www.example.com/download_virus/virus.dll\?virus_name=

   • If you selected Email recipient or Email sender, enter the email address in the Value field.
   • If you selected User Agent, enter the User agent header of HTTP requests containing browser information in the Value field.
   • If you selected Source address or subnet or Destination address or subnet, enter the address or subnet (for example, 255.255.255.0) in the Value field.

   In the URL mask, Email recipient, and Email sender field, you can enter domain names containing Cyrillic characters. In this case, the address is converted to Punycode and processed in accordance with program settings.

7. Click Add.

The rule is added to the scan exclusion list.

Users with the Security auditor and Security officer roles cannot add a scan exclusion rule.

See also Managing the list of scan exclusions Viewing the list of scan exclusions Deleting a scan exclusion rule Editing a rule added to scan exclusions Exporting the list of data excluded from the scan Filtering rules in the scan exclusion list by criterion Searching rules in the scan exclusion list by value Resetting the rule filter in the scan exclusion list

Page top