Reference Guide
Manage Policies
202
Unsafe Executable
Auto Quarantine
With Executable
Control Enabled
Selected
Selected
Not Selected
If selected, Unsafe executable files are automatically quarantined or
blocked to prevent their execution.
Note: If you Auto Quarantine, it is highly recommended that before
deployment, you test Auto Quarantine only on devices using a test
policy to observe the behavior and ensure that no business-critical
applications are blocked at execution.
Unsafe Executable
Auto Upload
Enabled
Selected
Selected
Not Selected
If selected, any detected Unsafe file is automatically uploaded for a deeper
analysis and additional details about the file.
Abnormal
Executable Auto
Quarantine With
Executable Control
Enabled
Selected
Selected
Not Selected
If selected, Abnormal executable files are automatically quarantined
or blocked to prevent their execution.
Note: If you Auto Quarantine, it is highly recommended that before
deployment, you test Auto Quarantine only on devices using a test
policy to observe the behavior and ensure that no business-critical
applications are blocked at execution.
Abnormal
Executable Auto
Upload Enabled
Selected
Selected
Not Selected
If selected, any detected Abnormal file is automatically uploaded for a deeper
analysis and additional details about the file.
Allow Execution of
Files in Exclude
Folders
Not Selected
Selected
Not Selected
If selected, executable files are allowed to run, even if they are in folders
excluded in the Exclude Specific Folders policy.
Auto Delete Not Selected
Selected
Not Selected
If selected, after the time period specified in the Days until Deleted policy, files
that are quarantined on an endpoint are automatically deleted.
Days until Deleted
14
14-365 days
Number of days until files that are quarantined on an endpoint are
automatically deleted.
Memory Actions
Memory Protection
Enabled
Not Selected
Selected
Not Selected
This policy must be selected to use all other Memory policies. If this policy is
Not Selected, no Memory Action policies are enforced, regardless of other
policy values.
NOTE: Before enabling Memory Protection, enable Compatibility Mode, to
ensure applications function properly on the client computer. For instructions
on how to enable Compatibility Mode, see Enable Compatibility Mode for
Memory Protection.
Compatibility Mode does not apply to Mac clients.
Enable Exclude
executable files
Selected
Selected
Not Selected
Allow specific process files to be excluded from Memory Protection. This policy
must be selected to use the Exclude executable files policy.
Exclude executable
files
String
\Windows\System32\CmgShieldService.exe
\Windows\System32\EMSService.exe
\Program Files\Dell\Dell Data Protection\Threat
Protection\DellAVAgent.exe
\Program Files\McAfee\Agent\cmdagent.exe
\Program Files\McAfee\Agent\FrmInst.exe
\Program Files\McAfee\Agent\macmnsvc.exe
\Program Files\McAfee\Agent\macompatsvc.exe
String
Exclude specific process files from Memory Protection. This allows the
specified files to run or be installed on any device on which this policy is
enforced.
All exclusions added must be specified using the relative path of that
executable file (exclude the drive letter from the path).
Correct (Windows): \Application\SubFolder\application.exe
Correct (Mac): /Users/application.app/executable
Incorrect: \Application\SubFolder\
Incorrect: C:\Application\SubFolder\application.exe