Trusted applications, websites, and services can be excluded from the security engine so they aren't detected, blocked, or quarantined by our software. Super Admins can manage exclusions by adding, editing, or deleting them in the console to prevent disruptions from false positives. See the sections below for steps to manage exclusions.
Before adding exclusions, go through this overview to understand the types of exclusions available and the syntax required.
Use exclusions to prevent an application or website from being blocked or quarantined after you've verified they are safe. For instructions on reporting a false positive, see Report a false positive to ThreatDown.
Configure exclusions
- Go to Configure > Exclusions.
- Click New exclusion.
- On the Add Exclusions window, complete the following fields:
- Enable/disable: Switch the toggle to enable your listed exclusions. This toggle is turned off by default.
- Input line: Enter each exclusion on a separate line.
- Applies to: Select whether to apply the exclusion to all endpoints or specific policies.
- Comments (Optional): Provide a comment to give the exclusion a unique description.
- Click Validate.
- In the Validate Exclusion window, verify the information regarding your listed exclusions. See table below for more details on validations.
- Click Save. In the top-right, a confirmation message displays The exclusions were successfully created.
To edit an exclusion after it's been created, click on the exclusion and make the required changes.
The exclusion is applied to the assigned endpoints within minutes provided the real-time WebSocket communication occurs between the endpoints and Nebula. For more information, see Manage endpoints in Nebula.
Exclusion validations
| Exclusion validations | Description |
| Status | Shows if the exclusion is enabled or disabled. |
| Exclusion | Displays the exclusion value entered. |
| Type | Displays the exclusion type given to this exclusion. Click and select a different value from the drop-down if necessary. |
| Applies to | Select whether the exclusion will apply to Global (all endpoints), or a specific policy. |
| Apply to specific | Shows the specific policies to which the exclusion applies. |
| Categories | Shows icons indicating the Nebula protection layers affected by the exclusion. Click to change which protection layers are affected by the exclusion. |
| Comment | Provide a comment to give the exclusion a unique description. |
| Actions |
Click the |