Capture Client-Interoperability with DC
Description
This article explains how to configure exclusions on Capture client for the Microsoft Domain Controller.
NOTE: If you deploy this solution, the Capture client (S1 Agent) will not be able to protect the affected endpoints from exploits directed at the application vulnerabilities.
Resolution
Below are the steps to add exclusions for the Microsoft Domain Controller to a specific Device: .
- Go to https://captureclient-36.sonicwall.com and login using your MysonicWALL credentials .
- Navigate to Assets>Groups>Click on Add .
- Create a Static Group as below specific to the Device thats needs the exclusion to be applied .
Group Name: DC exclusion
Group Type: Device Group
Group Category:Static
- Click Next to Apply .
- In the ADD Devices/Rules page choose the specific device that needs the exclusion to be applied and click Add.
- Click Next to Apply.
- Validate the settings on the Summary Page and click confirm to review the policy inherited.
- The Static Group is successfully created , click Done to complete.
- Click on assigned policy for the particular group and you will lead to the policies page .
- Navigate to Exclusions under Policy and click '+' on the top right of the exclusion page add the Path as required and click Add.
General Exclusions for all Windows platforms:
Pagefile.sys
*.pst
C:Windows\System32\Spool
C:Wiindows\SoftwareDistribution\Datastore
%allusersprofile%\NTUser.pol%Systemroot%\system32\GroupPolicy\registry.pol
For Domain Controller Exclusions
: \ WINNT \ SYSVOL
: \ WINNT \ NTDS
: \ WINNT \ ntfrs
: \ WINNT \ system32 \ dhcp
: \ WINNT \ system32 \ dns
: \ WINNT \ ntfrs
: \ WINNT \ system32 \ dhcp
: \ WINNT \ system32 \ dns - Navigate to Asset>Device>Choose the specific Device>Settings>Update Policy.
- Also make sure the Policy is updated on the end client as well.
Related Articles
Categories
not finding your answers?