In the main window of the application web interface, select the Settings section, Exclusions subsection.
Go to the Scan tab.
In the upper-right corner of the application web interface window, click Add.
This opens the New rule window.
In the Criteria drop-down list, select one of the following criteria for adding a rule to the list of scan exclusions:
MD5.
Format.
URL mask.
Email recipient.
Email sender.
Source IP or subnet.
Destination IP or subnet.
User Agent.
If you selected Format, select the file format that you want to add from the Value drop-down list.
For example, you can select the MSOfficeDoc format.
If you selected MD5, URL mask, Email recipient, Email sender, Source IP or subnet, Destination IP or subnet, or User Agent, in the Value field, enter the value of the relevant criterion that you want to add to the list of scan exclusions:
If you selected MD5, enter the MD5 hash of the file in the Value field.
If you selected URL mask, enter the URL mask in the Value field.
You can use the following special characters in the mask:
* – any sequence of characters.
Example:
If you enter *abc* as the mask, the application considers as safe any URL that contains the sequence abc. For example, www.example.com/download_virusabc
? – any single character.
Example:
If you enter example_123?.com as the mask, the application considers as safe any URL that contains the given character sequence and any character following 3. For example, example_1234.com
If the * or ? characters are part of the full URL that you want to add to the list of scan exclusions, use the \ character when entering the URL to escape a single *, ?, or \ character that follows it.
Example:
You need to add the following URL as a trusted address: www.example.com/download_virus/virus.dll?virus_name=
You do not want the application to treat ? as a special mask character so you put a \ character before the ? character.
The URL added to the list of scan exclusions looks as follows: www.example.com/download_virus/virus.dll\?virus_name=
If you selected Email recipient or Email sender, enter the email address in the Value field.
If you selected User Agent, enter the User agent header of HTTP requests containing browser information in the Value field.
If you selected Source IP or subnet or Destination IP or subnet, enter the address or subnet (for example, 255.255.255.0) in the Value field.
In the URL mask, Email recipient, and Email sender field, you can enter domain names containing Cyrillic characters. In this case, the address is converted to Punycode and processed in accordance with application settings.
Click Add.
The rule is added to the scan exclusion list.
Users with the Security auditor and Security officer roles cannot add a scan exclusion rule.