Cisco AMP 7150 Technical Manual

with anti-virus signatures that contain strings that the FireAMP Connector detects as malicious or
issues with quarantined files.
Prerequisites
Requirements
Cisco recommends that you have knowledge of FireAMP Cloud Console, FireAMP for Endpoints,
and anti-virus products.
Components Used
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of
the devices used in this document started with a cleared (default) configuration. If your network is
live, make sure that you understand the potential impact of any command.
Background Information
Exclusion Types
There are three types of usable exclusions in the FireAMP console. If the wrong exclusion type is
used, the exclusion will not function. It is important to note the format of each type in order to verify
the exclusion was added properly during the tuning process.
Extension
This exclusion type excludes files with a certain extension, regardless of where they are
located on the machine. Examples:
.db
.db-journal
.db3
.db3-journal
Path
This exclusion can be used in order to exclude a single path. Any subfolders within that path are
also excluded. Path exclusions are the only type that can use a Constant Special Item ID List
(CSIDL), since wildcards and CSIDL do not work together. The two path formats are:
CSIDL_WINDOWS\system32\
C:\Windows\system32\
Note: The trailing ' \ ' is optional, and ' * ' is treated as a literal directory name, not a wildcard.
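The following Python code is an added example, not Cisco code and not the Connector's actual matching logic. It models the Extension and Path rules described above so that an exclusion list can be checked during tuning. The CSIDL mapping, the case-insensitive comparison, the function names and the sample paths are assumptions constructed for illustration.

```python
import ntpath

# Assumption: CSIDL token -> folder mapping for a default install.
CSIDL_MAP = {"CSIDL_WINDOWS": "C:\\Windows"}

def classify(entry):
    """'extension' for entries like .db, otherwise 'path'."""
    return "extension" if entry.startswith(".") and "\\" not in entry else "path"

def lint(entry):
    """Warn about entries that will not behave as the operator likely intends."""
    warnings = []
    if classify(entry) == "path" and "*" in entry:
        warnings.append("'*' is a literal directory name in a Path exclusion")
    return warnings

def is_excluded(file_path, entry):
    """Model of whether one exclusion entry covers file_path."""
    f = ntpath.normcase(file_path)          # assumption: case-insensitive match
    if classify(entry) == "extension":
        return ntpath.basename(f).endswith(entry.lower())
    head, sep, rest = entry.partition("\\")
    expanded = CSIDL_MAP.get(head, head) + sep + rest
    base = ntpath.normcase(expanded).rstrip("\\")   # trailing '\' is optional
    # Match the folder itself or anything beneath it, on a '\' boundary only.
    return f == base or f.startswith(base + "\\")

def audit(files, exclusions):
    """Map each file to the exclusion entries that cover it."""
    return {p: [e for e in exclusions if is_excluded(p, e)] for p in files}

# Constructed sample data.
EXCLUSIONS = [".db", ".db-journal", "CSIDL_WINDOWS\\system32\\", "C:\\Temp\\*\\cache"]
FILES = [
    "C:\\Users\\a\\app\\state.db-journal",
    "C:\\Windows\\System32\\drivers\\etc\\hosts",
    "C:\\Windows\\system32evil\\x.exe",
    "C:\\Temp\\u1\\cache\\blob.bin",
]

if __name__ == "__main__":
    for path, hits in audit(FILES, EXCLUSIONS).items():
        print(path, "->", hits or "scanned")
    for e in EXCLUSIONS:
        for w in lint(e):
            print("WARN", e, w)
```

Files that map to an empty list are still scanned. The lint warning flags a Path entry in which ' * ' was probably meant as a wildcard.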