Under the overrides page at both GSM and Site level, you can now create whitelist overrides.
Global whitelist overrides can now be set on a file or folder level as well as the traditional MD5 level. This upgrade allows greater flexibility in the deployment of overrides and means that multiple related MD5 overrides no longer have to be whitelisted individually, instead the whole associated directory can simply be whitelisted.
To create an override:
From the Site console, click the Gobal Settings tab.
The system displays the Global Settings panel, with the Policies panel active.
Click the Overrides tab.
The system displays the Overrides panel.
Click the Add button.
The system displays the New Whitelist Entry window.
To create an MD5 override type, do the following:
In the Name/Description field, enter a name for the override
Make sure the MD5 radio button is selected.
In the MD5 field, enter the 32-character unique identifier for the file.
Click the Create button.
To create a Folder/File override, continue with this procedure.
To use File/Folder overrides please make sure endpoints are running version 9.0.1 or higher of Webroot SecureAnywhere Endpoint Protection. Earlier versions support MD5 overrides only.
In the New Whitelist Entry window, select the Folder/File radio button.
The system displays the New Whitelist Entry window with the relevant fields.
Use the information in the following table to populate the fields.
Target a file or group of files by specifying a file mask with optional wildcards, for example, *.exe to target all executable files in the selected folder. This will default to all files in the selected folder/path if not specified.
You have already selected the Folder/File radio button.
A file mask is a pattern of characters and wildcards used to match folder and file names. For example, *.* would match any file name.
The folder to target with the override.
You can specify an absolute path, for example, ‘x:\myfolder\’ or a system variable with optional path, for example, ‘%SystemDrive%\myfolder’. Default supported environment variables are displayed when you type ‘%’ however you may choose to use any variable you have setup on the target machine with the exception of user variables which are not supported.
You may not use ‘%temp%’ for example as this refers to a specific users temp directory (‘username/temp/’).
Wildcards are not supported.
Select this checkbox to apply the override to all sub-folders within this folder.
Detect if Malicious
If this setting is enabled Webroot will continue to protect the user against threats originating from the selected file/folder whitelist override but will disable monitoring and journaling. This is primarily used to improve performance when monitoring and journaling is being applied to a large number of files with an unknown determination. Disabling this setting will provide a true whitelisting, allowing files to run without Webroot protection.