ESET Endpoint Antivirus for Linux – Table of Contents

Processes exclusions

The Processes exclusions feature enables you to exclude application processes from Real-time file system protection.

Backup solutions strive to improve speed, process integrity, and service availability. They usually use techniques known to conflict with file-level malware protection to achieve it. Similar problems can occur when attempting to complete a live migration of virtual machines. Usually, the only effective way to avoid such situations is to deactivate Anti-Malware software.

By excluding specific processes (for example, those of the backup solution), all file operations attributed to such excluded processes are ignored and considered safe, thus minimizing interference with the backup process. We recommend using caution when creating exclusions – an excluded backup tool can access infected files without triggering an alert, which is why extended permissions are only allowed in the real-time protection module.

This feature was designed to exclude backup tools. Excluding the backup tool's scanning process ensures system stability and does not affect backup performance as the backup is not slowed down while it is running. Ultimately, it minimizes the risk of potential conflicts.

Add binaries to the list of excluded processes

1.In ESET PROTECT, click Policies > New policy and type a name for the policy.

2.Click Settings and select ESET Endpoint for Linux (V7+) from the drop-down menu.

3.Click Protections > Real-time file system protection.

4.In the Real-time file system protection > Processes exclusions section, click Edit next to Processes to be excluded from scanning.

5.Click Add.

6.Type the absolute path of the binary.

7.Click Save twice.

8.Click Continue > Assign, select the desired group of computers the policy will apply to.

9.Click OK, then click Finish.

As soon as a binary is added to the exclusions, ESET Endpoint Antivirus for Linux stops monitoring its activity. Scans do not run on any file operations performed by that binary.

You can also Edit existing processes or Delete them from exclusions.

Export/import detection exclusions

To export the processes exclusions file:

1.In ESET PROTECT, click Policies > New policy and type a name for the policy.

2.Click Settings and select ESET Endpoint for Linux (V7+) from the drop-down menu.

3.Click Protections > Real-time file system protection.

4.In the Real-time file system protection > Processes exclusions section, click Edit next to Processes to be excluded from scanning.

5.Click Export.

6.Click the download icon Download next to Download exported data.

7.If the browser prompts to open or save the file, select Save.

 

To import the exported processes exclusions file:

1.In ESET PROTECT, click Policies > New policy and type a name for the policy.

2.Click Settings and select ESET Endpoint for Linux (V7+) from the drop-down menu.

3.Click Protections > Real-time file system protection.

4.In the Real-time file system protection > Processes exclusions section, click Edit next to Processes to be excluded from scanning.

5.Click Import, then the browse icon Browse to browse for the exported file, click Open.

6.Click Import > OK > Save.

7.Click Continue > Assign, select the desired group of computers the policy will apply to.

8.Click OK, then click Finish.