[KB6832] Create exclusion for PUA in ESET Security Management Center

0
(0)

Issue

ESET business product in Limited Support status

This article applies to an ESET product version that is currently in Limited Support status and is scheduled to reach End of Life status soon.

For a complete list of supported products and support level definitions, review the ESET End of Life Policy for business products.

Upgrade ESET business products.

  • Create a policy to exclude PUAs by their hash value in ESET Security Management Center

Solution

  1. Click Tools → Quarantine on the client machine that has already detected the PUA, and verify that the PUA is listed in the Quarantine list.

Figure 1-1
Click the image to view larger in new window

  1. Open ESET Security Management Web Console (ESMC Web Console) in your web browser and log in. Click More → Quarantine. Verify that the PUA found on the client machine is listed in the Quarantine list.

Figure 1-2
Click the image to view larger in new window

  1. Click Client Tasks → Quarantine management  New. Enter the necessary information in the Basic section.
  1. Click the Settings section and select Restore object(s) and Exclude in Future from the Action drop-down menu. Select Hash items from the Filter Type drop-down menu.
  1. Click Add in the Hash Item(s) section under Filter Settings, select the check box next to the PUA that was detected on the client machine and click OK.
  2. Click Finish to complete the task and create a Trigger for this Client Task.

Figure 1-3
Click the image to view larger in new window

  1. On the client machine, navigate to Exclusions (Setup → Advanced Setup → Detection Engine → Files and folders to be excluded from scanning → Edit ). The PUA is now listed as an exclusion in the Exclusions list.

Figure 1-4
Click the image to view larger in new window

  1. In ESET Security Management Center Web Console, click Computers, select the client computer and click Show details → Configuration → Request Configuration.
  2. Select Security product and click Open Configuration and then click Convert to Policy. The policy with this excluded PUA is now available to use for any client computer.

Figure 1-5
Click the image to view larger in new window

  1. Open the policy you just created and enter the necessary information in the Basic section. Click the Settings section, click Detection Engine → Exclusions → Edit and you can see the excluded PUA.

    Figure 1-6
    Click the image to view larger in new window

  2. Click Assign and assign the policy with the PUA exclusion to other computers and click Finish.

Languages

Please contact your local support agent if you would like us to translate this article.

Last Updated: Mar 24, 2021

Related articles:

Source : Official ESET Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

(Visited 28 times, 1 visits today)
Tagged: