Hello,
Does anyone know if this "Trusted Web domain" exception applies to SCCM deployments? We are still getting a lot of WS.Reputation.1 detections (mainly
Unproven file detections).
Are these SCCM deployments classified as non-portal files because as per the definition below I suppose yes?
Also note that in the risk report, for Web domain it is blank so will really "Trusted Web domain" exception work for such deployments and if not, what is the solution so we can exclude the SCCM servers from Download Insight detections?
What are portal files?
Download Insight marks a file as a portal file when it examines a file that a user downloads
from a supported portal. Scheduled and on-demand scans, Auto-Protect, and Download Insight
evaluate the reputation of portal files using the sensitivity level that is set for Download Insight.
Note: Download Insight must be enabled to mark files as portal files.
Supported portals include: Internet Explorer, Firefox, Microsoft Outlook, Outlook Express,
Google Chrome, Windows Live Messenger, and Yahoo Messenger. The portal list (or
Auto-Protect portal list) is part of the Virus and Spyware Protection content that LiveUpdate
downloads to the management server or the client.
Scans and Download Insight always evaluate non-portal files with a default internal sensitivity
level that Symantec sets. The internal default detects only the most malicious files.
Regards,
Stefan