Global Exclusions
You can exclude files, websites and applications from scanning for threats.
Introduction
You use exclusions to tune the detection behavior of Sophos Central.
Exclusions
Global exclusions apply to all your users (and their devices) and servers.
If you want exclusions to apply only to certain users or servers, use policy exclusions instead.
You can set up the following types of exclusion:
- Exclude files or folders from scanning.
If you exclude files from scanning, we'll still check the excluded items for exploits.
- Exclude from checking any process that runs from an application.
- Exclude websites from checking.
- Exclude applications from protection against security exploits.
- Exclude applications that are normally detected as spyware and previously detected exploits from scanning and detection.
- Exclude previously detected malicious behavior exploits. This is only available if you are signed up to the Early Access Program.
You can also use exclusions to allow isolated devices to communicate with other devices under restrictions. This feature is available if you have Intercept X Advanced with EDR.
Can’t edit the exclusions?
If an option is locked global settings have been applied by your partner or Enterprise administrator. You can still stop detecting applications, exploits and ransomware from events.
Exploit exclusions
If you exclude files from scanning, we'll still check the excluded items for exploits. If you want exclusions from exploit checking, do as follows:
- To stop checking for an exploit that has been detected, use a Detected Exploits exclusion.
- To exclude certain applications from checking, use Exploit Mitigation Exclusions.
- To stop checking for a malicious behavior exploit that has been detected, use a Behavioral Protection exclusion.
Set up exclusions
You can exclude files, websites and applications from scanning for threats.
To set exclusions:
To edit an exclusion later, click its name in the exclusions list, enter new settings and click Update.