In the last blog, we created a specific query based collection for hyper-v hosts. Now we will create a Endpoint Protection Policy -with scan exclusions for Hyper-V Hosts – just for this collection.
On the wunderbar in the SCCM 2012 RC1 Console click on “Assets and Compliance”. Open the folder “Endpoint Protection” and right click there on “Create Antimalware Policy”.
Give this policy a name like “Hyper-V Hosts”
On the left side of the windows click “Exclusion settings”, then on the right side behind “Excluded files and folders” on “Set…”
Here we can see, that a few exclusions are set by default – cool
We need two specific folder exclusions for the hyper-v hosts:
Enter the folder and click “Add”
Additionally we need to exclude two processes. So click behind “Excluded processes” on “Set”…
… and add the following two services:
The policy is created so we have to tell the system, who needs this policy! In the last blog we’ve created the dynamic collection to collect the Hyper-V Hosts.
Right click on the newly created Antimalware Policy “Hyper-V Hosts” and choose “Deploy”
Mark the collection “Hyper-V Hosts” and click “OK”
Good luck and kind regards