[KB6766] Exclude files or folders on endpoints from Real-time scanning using ESET Security Management Center (7.x)

Alert: End of Life (EOL) issues requiring your immediate attention

Alert: ESET North America offices closed January 18, 2021

[KB6766] Exclude files or folders on endpoints from Real-time scanning using ESET Security Management Center (7.x)

Details

In ESMC 7.1 and later, file exclusions are separated into two categories: Performance exclusions and Detection exclusions
Performance exclusions can be added by editing the endpoint policy
Detection exclusions can be added from the Detections tab and managed from the Exclusions tab

Issue

File-level scanning of some email servers, backup software, Customer Relationship Management (CRM) software, etc. causes abnormal system behavior
Use ESET Configuration Editor to create a configuration that excludes specific applications or folders from Real-time scanning

Solution

Endpoint users: Perform these steps on individual client workstations

ESET Security Management Center (ESMC) 7 User Permissions

This article assumes that your ESMC user has the correct access rights and permissions to perform the tasks below.

If you are still using the default Administrator user, or you are unable to perform the tasks below (the option is grayed out), see the following article to create a second administrator user with all access rights (you only need to do this once):

Create a second administrator user in ESET Security Management Center 7.x

View permissions needed for least privilege user access

A user must have the following permissions for the group that contains the modified object:

*Functionality*	*Read*	*Use*	*Write*
Policies	✓	✓	✓

A user must have the following permissions for each affected object:

*Functionality*	*Read*	*Use*	*Write*
Groups & Computers	✓	✓	✓

Once these permissions are in place, follow the steps below.

Add a Performance exclusion

Open ESET Security Management Center Web Console (ESMC Web Console) in your web browser and log in.
Click Policies.
Click your policy for client computers and select Edit.

Click Settings, click Detection Engine → Exclusions and then click Edit next to Performance exclusions.

Click Add, type the directory that you want to exclude from scanning into the Path field and add a comment for the exclusion in the Comment field. Click OK. Make sure the filepath for your exclusion is in the correct format, for example "C:\Users\[username]\Documents\file.exe".

Do not use wildcards for directories!

Wildcards for directories in paths are not supported. Read more about exclusions and wildcards here.

Click Save when you are finished adding exclusions.
Click Finish to save your changes.

Add a Detection exclusion

Open ESET Security Management Center Web Console (ESMC Web Console) in your web browser and log in.
Click Detections and then click the detection you want to exclude.

Select Create Exclusion.

Select the desired Exclusion criteria and click Add. Visit our online help topic for more information about Exclusion criteria.

Click More (...) → Exclusions to manage the Detection exclusion.

Last Updated: Aug 25, 2020