I can't seem to find an official and up-to-date documentation on how to set up file and process exclusions in Forefront Endpoint Protection 2012.
For file types, which of these will work? Are they the same?
- ext
- .ext
- *.ext
What about wildcards?
- .e?t
- .e*
- .*t
For file paths, which wildcards are allowed and how do they work?
- C:\path*
- C:\path\s*e
- C:\path\somef?le
- C:\*\somefile
- C:\pa*\somefile
- C:\pa?h\somefile
- *\path
- *:\path
For processes, can wildcard be used when specifying the file name? Same syntax as file paths?
Also: I read in this post that, as of October 2009, Real Time Protection ignored wildcards; is this still true for the 2012 version?
Best Answer
Yes they're allowed and supported (but not your last 2 examples, can't use it for a drive letter, see link updated in 2014: https://support.microsoft.com/en-us/kb/2962341