CISCO AMP Endpoint Whitelisting
- Amrutha Bolad (Unlicensed)
Cisco AMP (Advanced Malware Protection) Endpoint Whitelisting is a security feature that allows only pre-approved and specified programs to run on an endpoint device while blocking any other unapproved programs from executing.
Login to CISCO AMP Endpoint.
Click on Management in CISCO AMP Endpoint.
Select the Exclusions page.
Exclusion for Windows
Click on New Exclusion set to create a new exclusion set for Window.
Under New exclusion Set for select product as Windows, Mac, OR Linux as required. ( only a single product can be selected at a time).
For exclusions for different OS Types, please create multiple exclusions.
After selecting the product set the Name and Select type(path).
Provide to include the Cybercnsagent folder path C:\Program Files (x86)\CyberCNSAgentV2\
Click on Save.
After adding requested credentials, it will successfully create a popup as New exclusion set successfully created.
Further, navigate to Policies to Set Policies.
Under All, please select Audit.
Select Edit policy and then under Exclusions Sets select custom.
Select Custom Exclusions under Exclusion and select the Newly added exclusion e.g cybercns in this case.
Click on Save.
After clicking the save button Confirm Action will pop up then click on Continue.
Policy Audit Successfully updated popup will appear.
Here is the created Exclusions for Windows.
Exclusion for Mac
Add New Exclusion Set For Mac.
After selecting the product enter the Name, Select type(path).
Provide the include the Cybercnsagent folder path \opt\CyberCNSAgentV2
Click on Save.
Created New Exclusion Successfully created popup will appear.
Click on Policy and select Exclusions.
In that select Custom Exclusions and select the name of the created exclusion.
Click on Save.
After clicking the save button Confirm Action by clicking on Continue.
Here is the created Exclusions for Mac.
This Completes the Exclusion path in the Cisco AMP Endpoint Document.