Pls check my previous blogs for the Trend DSM , Relay Server , vSheild Endpoint, Filter Driver , DSVA, DSA and SSP Server. In this blog we can see the policy creation and applying it in the VMs with the exclusion list.
To create the Policy in the DSM go to the the Policy tab.
Policies – Click New Policy
Give the name for the Policy and we can choose the base policy as inherit or None.
We can place the new policy to the computers directly.
In Case if we choose NO then we need to select the policy from the computer console.
Next we need to enable the Anti-Malware and other protection on the policy.
Next Remove the Default from the Real-Time Scan option and Select the Malware Scan configuration.Click Edit and create the new Exclusion Rule.
In Schedule always recommended to have it Every Day All Day option for the Real-Time Scan.
Select the Files and Folder as per our company scan exclusion policy.
Select the Extension Exclusion and the files extensions as per the requirements .
Next Select the Actions and choose appropriate actions .
Once the policy is set then next go the computer and select the computer in which policy have to be applied.
Note that we can apply the policy to the group of computers also.
Go to the General – Policy – Select the Policy which we created ( TestPolicy )
Next Go to the Action tab and Activate the VM.
We can check the status in the General – Status section which will show the corresponding ESXi and the DSVA information.
Once the policy is applied , We can see the computers using the policy in the Policy tab.
Pls check the below KB for excluding UNC Path.
Scan Caching improves the efficiency of on-demand scans performed by the Virtual Appliance. It eliminates the unnecessary scanning of identical content across multiple VMs in large VMware deployments.
• Integrity Monitoring scan caching speeds up Integrity Monitoring scans by sharing Integrity Monitoring scan results.
• Anti-Malware on-demand caching speeds up scans on subsequent cloned/similar VMs
• Anti-Malware Real-time caching speeds up VM boot and application access time
• Concurrent Scan feature allows further overall scan time improvement by allowing multiple VMs to be scanned concurrently
In the next blog we can see the VMtools installation with vShield Endpoint driver installation .
Pingback: Trend Micro Deep Security 9.5 ( VMtools Installation with vShield driver) – Part 9 | Techbrainblog
I’m wondering if is it possible to have a hierachy of exclusion files in Deep Security ? for instance you want to exclude C:\temp in every servers and exclude C:\SQLDATA in every MSSQL Server. Thanks for your blog
No , You can arraign only one policy to each server so best way is create two separate policy with c:\tmp and C:\tmp,c:\sqldata , assign it to appropriate servers
Good Article.. When Trend is synced with Vcenter. Is there a way to exclude a folder of VM’s. So they do not get scanned?
if i understand correctly you asking about adding the vcenter and sync the same , so it is just sync the inventory of the vcenter and in case we want to exclude the folders inside VMs then we can do it in the policy , pls check my blog https://techbrainblog.com/2015/02/20/trend-micro-deep-security-9-5-policies-and-exclusions-part-8/