Excluding a folder can reduce the amount of false positives if your organization uses data encryption when exchanging files using shared folders. For example, Behavior Detection can raise false positives when the user works with files with the ENC extension in a shared folder. Such activity matches a behavioral pattern that is typical for external encryption. If you have encrypted files in a shared folder to protect data, add that folder to exclusions.
How to create an exclusion for protection of shared folders using the Administration Console (MMC)
This opens a window containing a list of exclusions.
If the check box is cleared, the user can access only the general list of exclusions generated in the policy. Also, if this check box is cleared, Kaspersky Endpoint Security hides the consolidated list of scan exclusions in the user interface of the application.
You can also enter the path manually. Kaspersky Endpoint Security supports the *
and ?
characters when entering a mask:
*
(asterisk) character, which takes the place of any set of characters, except the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\*\*.txt
will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders.*
characters take the place of any set of characters (including an empty set) in the file or folder name, including the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\**\*.txt
will include all paths to files with the TXT extension located in folders nested within the Folder
, except the Folder
itself. The mask must include at least one nesting level. The mask C:\**\*.txt
is not a valid mask.?
(question mark) character, which takes the place of any single character, except the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\???.txt
will include paths to all files residing in the folder named Folder
that have the TXT extension and a name consisting of three characters.You can use masks at the beginning, in the middle or at the end of the file path. For example, if you want to add a folder for all users to exclusions, enter the C:\Users\*\Folder\
mask.
How to create an exclusion for protection of shared folders using the Web Console and Cloud Console
The policy properties window opens.
If the check box is cleared, the user can access only the general list of exclusions generated in the policy. Also, if this check box is cleared, Kaspersky Endpoint Security hides the consolidated list of scan exclusions in the user interface of the application.
You can also enter the path manually. Kaspersky Endpoint Security supports the *
and ?
characters when entering a mask:
*
(asterisk) character, which takes the place of any set of characters, except the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\*\*.txt
will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders.*
characters take the place of any set of characters (including an empty set) in the file or folder name, including the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\**\*.txt
will include all paths to files with the TXT extension located in folders nested within the Folder
, except the Folder
itself. The mask must include at least one nesting level. The mask C:\**\*.txt
is not a valid mask.?
(question mark) character, which takes the place of any single character, except the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\???.txt
will include paths to all files residing in the folder named Folder
that have the TXT extension and a name consisting of three characters.You can use masks at the beginning, in the middle or at the end of the file path. For example, if you want to add a folder for all users to exclusions, enter the C:\Users\*\Folder\
mask.
You can use the toggle to stop an exclusion at any time.
How to create an exclusion for protection of shared folders in the application interface
You can also enter the path manually. Kaspersky Endpoint Security supports the *
and ?
characters when entering a mask:
*
(asterisk) character, which takes the place of any set of characters, except the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\*\*.txt
will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders.*
characters take the place of any set of characters (including an empty set) in the file or folder name, including the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\**\*.txt
will include all paths to files with the TXT extension located in folders nested within the Folder
, except the Folder
itself. The mask must include at least one nesting level. The mask C:\**\*.txt
is not a valid mask.?
(question mark) character, which takes the place of any single character, except the \
and /
characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\???.txt
will include paths to all files residing in the folder named Folder
that have the TXT extension and a name consisting of three characters.You can use masks at the beginning, in the middle or at the end of the file path. For example, if you want to add a folder for all users to exclusions, enter the C:\Users\*\Folder\
mask.
You can use the toggle to stop an exclusion at any time.