Recommendations regarding exclusions in F-Secure products

This discussion has a more recent version.
Katriina_M Posts: 445 F-Secure Employee

This article outlines F-Secure's recommendation towards exclusions in all F-Secure end-point protection products, including Client Security and Server Security.

Exclusions are always potential attack vectors. A hacker can potentially figure out how to read the list of exclusions and use this information to compromise a system, which is why we recommend applying exclusions only in the following circumstances:

  1. Performance issues with applications, which are caused by the anti-virus application. In these cases, we recommend that you contact F-Secure Customer Care, so that we can investigate the issue, and if possible, release a fix to address the problem.
  2. False positive detection. When you experience a false positive, the affected file can be temporarily excluded until F-Secure fixes the false positive detection. If you experience a false positive, please provide F-Secure with a sample via Submit a Sample.

To summarize, if any given application running on a server or workstations works without issues, exclusions are not necessary. If you need to apply exclusions, please refer to the respective software vendor and apply the recommendations they share. For instance, Microsoft has this recommendation for enterprise computers running Windows: Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows