Hello,
What version of SEP are you running?
In case of SEPM 11.x, Try to enable Network Application Monitoring:
- Login to the manager and go to Clients
- Choose the group and Select the Policies tab
- Under Policies Click Network Application Monitoring
- Check the box that says, "Enable Network Application Monitoring."
- From here, you can set the default policy when Endpoint Protection detects changes in an executable. Choose between Ask, Block the Traffic, or Allow and Log.
Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11
http://www.symantec.com/docs/TECH104326
How to set up learned applications in the Symantec Endpoint Protection Manager
http://www.symantec.com/docs/TECH102994
In case of SEPM 12.1,
Check this Excellent Article:
Creating Application Control Exclusions in Symantec Endpoint Protection 12.1
https://www-secure.symantec.com/connect/articles/crreating-application-control-exclusions-symantec-endpoint-protection-121
Creating an Exception for an Application
- Login to the Symantec Endpoint Protection Manager (SEPM) and go to the Policies page.
- On the Exceptions Policy page, click Exceptions.
- Click Add > Windows Exceptions > Application.
- In the View drop-down list, select All, Watched Applications, or User-allowed Applications.
- Select the applications for which you want to create an exception.
- In the Action drop-down box, select Ignore, or Log only.
- Click OK.
Reference:
How to create an application exception in the Symantec Endpoint Protection Manager
http://www.symantec.com/docs/HOWTO61213
Creating exceptions for Symantec Endpoint Protection
http://www.symantec.com/docs/HOWTO80919
Hope that helps!!