We've had multiple request for Exclusion policy reviews. However we've not found an "Easy" way to do this. So far I've found the documentation Symantec has release. To export each policy, then convert the .dat to a .zip file and export the main.xml file. Thats all well and good somewhat, but the people who are looking at this information don't understand the schema. With multiple policies it is a nightmare trying to do this and explain it to each individual that asks. Has anyone had any luck getting these into Excel in a "Readable" format?
Ideally we'd like to do this quarterly to audit our exclusions and see what needs to be added and/or removed.
There is no easy way. What you mentioned is one way. Another is to go into the Exception policies and for each just copy/paste the lines into an Excel doc. It's still manual but it's better than getting the XML and parsing it out.
Problem is that neither method is practical. At an Enterprise level this should be a function within the console. From a security standpoint it's important to reivew these periodically to ensure that you're not broadening your attack surface. Parsing multiple policies manually can take weeks.
You'd think but it doesn't exist outside of manual intervention. Not to mention even adding a simple description column to track why the exception was needed. Symc has an internal tool for importing policy so maybe it can be exported as well but that's something to take up with support. Perhaps they can do it for you if you send them your policies.
I think the fastest way for now is just to open the Exceptions policy, click on some of the lines inside, then Ctrl+A (to select everything), copy and then paste in Excel. After that delete column B as it doesn't give any useful information and you are ready.