Exclude items from on-access scanning

If you use role-based administration:

  • You must have the Policy setting - anti-virus and HIPS right to perform this task.
  • You cannot edit a policy if it is applied outside your active sub-estate.

For more information, see Managing roles and sub-estates.

You can exclude items from on-access scanning.

Warning These options apply only to Windows, Mac OS X, and Linux.

Sophos Enterprise Console cannot perform on-access scans on UNIX computers.

  1. Check which anti-virus and HIPS policy is used by the group(s) of computers you want to configure.
  2. In the Policies pane, double-click Anti-virus and HIPS. Then double-click the policy you want to change.

    The Anti-virus and HIPS Policy dialog box is displayed.

  3. In the On-access scanning panel, click the Configure button.
  4. Click the tab for Windows Exclusions, Mac Exclusions, or Linux/UNIX Exclusions. To add items to the list, click Add and enter the full path in the Exclude Item dialog box.

    The items you can exclude from scanning differ on each type of computer. See Items that can be excluded from scanning.

    To exclude files that are not stored on local drives, select the Exclude remote files check box. You might select this if you want to increase speed of access to such files and you trust the available remote file locations.

Important If you select Exclude remote files on the Windows Exclusions tab, data control will not scan files uploaded or attached from a network location using a monitored application, for example, an email client, a web browser, or an instant messaging (IM) client. This is because data control uses the same set of exclusions as the Sophos Anti-Virus on-access scanner (InterCheck ™). If remote file scanning is disabled, it will not send any remote files for a data control check. This restriction does not apply to storage device monitoring.

You can export the list of Windows exclusions to a file and then import it into another policy. For more information, see Import or export on-access scanning exclusions.