https://worldofeuc.com logo
Join Slack
Powered by
This message was deleted.
# _general
s
This message was deleted.
d
Aaron are you thinking primarily about the process restriction? It does worry me the number of exclusions we have to configure, as someone could easily exploit a Citrix environment by targeting their malware at the Citrix recommended exclusions.
a
Path and process. With path rules you can specify that the exclusion is for on-access scans, but not for quick/full scans
👍 1
d
I am on a project right now walking thru all of this and finding that the old exclusions model doesn't seem to be working as expected in Azure 😞 Logons are pegging the CPU, throttling is not engaging, etc. Frustrating :-(
While we are talking about it - I would love to figure out an easier way to enter all the exclusions rather than copy paste each line into a GPO but still maintain a central repository. I just entered some 80 or so and really don't want to have to do that again...
d
Use PowerShell to add the entries to your GPO 😉
d
to the GPO itself? How is that done? I see plenty of instructions for local changes, but not to a GPO. Happy to learn something new today!
d
Figure out the reg path needed from the ADMX, and you can then set via Powershell. I only learned about this recently too... game-changer when building baseline GPOs in new deployments!
🤘 1
d
I'll say. I need to deploy I think 5 different sets of rules to at least 4 regions, so I can't exactly use the same GPO for each (grr). This would save a boatload of time!
👍 1
d
My goal is to have baseline GPOs for most common scenarios in a CSV or similar, edit the CSV to define what you want to set for that particular customer then use powershell to read the CSV and build the GPO.
d
I like it. But... still charge for the time it would take to do it manually. You're paid for what you do, not what you know, lol
Open in Slack
PreviousNext
Powered by