Scanning regularly keeps the systems clean and safe. In a large organization the client systems may be installed in physically separated environments.
To centrally manage all the systems about how to scan and when to initiate scanning, the administrator must have a policy. This feature helps you create policies for scheduling scans for the client systems.
To configure policy for Schedule Settings, follow these steps:
- On the Feature Policy page, you can see the following list of settings with expand sign and toggle button. Expand and enable settings that you want to configure.
- Scheduled Tuneup
- Scheduled Client Scan
- Data-At-Rest Scan
- Asset Management
- Application Control
- Vulnerability Scan
- Patch Scan
- ETH Scan
- To save your settings, click Save Policy.
Importantly, if you have customized the settings and later you want to revert to the default settings, you can do so by clicking the Reset Default button.
Scheduled Tuneup
Scheduled Tuneup setting allow you to carry out different types of cleanups such as; disks, registry entries, or schedule a defragmentation at scheduled time at next boot.
To schedule Tuneup settings, follow these steps:
- In Frequency (Weekly), select a day of the week.
- In Start At, set time in hours and minutes.
- Select the Run task immediately if missed check box if you want to run the scan immediately if missed the set schedule.
- In Tuneup settings, select either or all of the following options:
- Disk cleanup
- Registry cleanup
- Defragment at next boot
However, all these options are selected by default.
Scheduled Client Scan
This feature allows you to create policies to initiate scanning the clients automatically at a convenient time. You can define whether the scan should run daily or weekly, select scan mode (Quick Scan, Full System Scan). You can also enable Antimalware while scanning. This will supplement other automatic protection features to ensure that the client systems remain malware-free.
- In Frequency, select either the Daily or Weekly option.
- In Start At, set time in hours and minutes.
-
Select the Run task immediately if missed check box if you want to run the scan immediately if missed the set schedule.
Note
- Missed schedule scan is not supported on Windows XP SP3 (32- bit) operating system.
- For Microsoft Windows Vista and above operating systems, missed schedule scan will not work if Schedule task is not run at least once.
-
In Scanner Settings section, Under How to Scan, select a scan mode from the following:
- Quick Scan (Scan Drive where operating system is installed)
- Full System Scan (Scan all the fixed drives)
- Select Scan Priority. The Scan Priority is Low by default. You can change the priority to Normal or High, if required.
- Under Select scan mode, to set optimal setting, select the Automatic option.
- To set advanced setting, select the Advanced option.
- If you select the Advanced option, further settings such as, scan items and scan types are activated.
-
Under Select items to scan, select any of the following:
- Scan executable files
- Scan all files (Takes longer time)
- Scan packed files
- Scan mailboxes
- Scan archives files
-
If you select the Scan archives files option, you can set the following also:
- Archive Scan Level: You can set up to level 16.
- Select action to be performed when virus is found in archive file: You can select one of the actions from Delete, Quarantine, and Skip.
- In Select action to be performed when a virus is found section, select an action from the following: Repair, Delete, and Skip.
- To enable scanning for malware, select the Perform Antimalware scan check box.
- In Select action to be performed when malware found, select an action from the following: Clean and Skip.
- Under Boot Time Scan Settings, select the Perform Boot Time Scan check box.
-
Select Boot Time Scan Mode option from the following,
- Quick Scan (Scan the areas where operating system and applications are installed)
- Full System Scan (Scan all the fixed drives)
Boot time scan will be executed whenever the endpoint system restarts.
Click the Enable Boot Time Scan Protection checkbox if you need to skip the boot time scan. Note that you need to provide the password to perform this activity.Note
Scan packed files, Scan mailboxes, and Antimalware Scan Settings are available only in the clients with Windows operating system.
Data-At-Rest Scan
With Data-At-Rest scan, you can search for a particular type of data in various formats and detect any confidential data that is present in your endpoints and removable devices. To perform Data-At-Rest scan, you must enable DLP on the endpoints. To do this, see DLP.
- In Frequency, select either the Daily or Weekly option.
- In Start At, set time in hours and minutes.
- If you want to repeat scanning of your clients, select Repeat Scan and set the frequency to repeat the scan.
- Select the Run task immediately if missed check box if you want to run the scan if missed the set schedule.
- Select a scan mode from the following:
- Quick Scan (Scan Drive where operating system is installed)
- Full System Scan (Scan all the fixed drives)
- Scan Specific Folder(s): Select this option to scan a particular folder(s).
- Click Configure.
- Enter the path of the folder that you want to scan. You can also choose to scan the subfolders by selecting the Include Subfolder check box.
- Click Add. You can also remove a path from the list by clicking Remove.
- Click Apply.
- Select Scan Priority. The Scan Priority is Low by default. You can change the priority to Normal or High, if required.
- Configure the settings for File Types, Confidential Data, and User Defined Dictionary.
Asset Management
Assets Management helps you keep a watch on the system information, hardware information, and software installed. You can also view the hardware changes and software changes, if any, that are made to the configuration of the systems.
Select the following check boxes:
- Track Software Changes
- Track Hardware Changes. This check box is selected by default.
Application Control
Application Control helps you define schedules to scan applications at a preferred or specified frequency.
To configure Application Control Schedule Scan, follow these steps:
- In Frequency, select either the Daily or Weekly option. If you select the Weekly option, select the weekday from the list.
- In Start At, set time in hours and minutes.
- If you want to repeat scanning for the applications, select the Repeat Scan check box and set the frequency of interval after which the scan should be repeated.
- Select the Run task immediately if missed check box.
- Select one of the following scan options:
- Unauthorized applications: Helps you initiate scanning only for the unauthorized applications present on a client machine.
- Unauthorized and authorized applications: Helps you initiate scanning for both, unauthorized and authorized applications present on the client machine.
- All installed applications: Helps you initiate scanning for all applications installed on a client.
- Select Scan Priority. The Scan Priority is Low by default. You can change the priority to Normal or High, if required.
Vulnerability Scan
Vulnerability Scan helps you define schedules to initiate vulnerability scan of the clients as per your convenience.
To configure Vulnerability Scan Schedule Scan, follow these steps:
- Select the weekday from the list.
- In Start At, set time in hours and minutes.
- If you want to repeat scanning for the applications, select number of weeks to repeat the scan.
- Select the Run task immediately if missed check box.
- Under Scan and report, select one of the following options to scan for vulnerability against following software vendors:
- Microsoft applications and other vendor applications
- Microsoft applications only
- Other vendor applications only
- Select Scan Priority. The Scan Priority is Normal by default. You can change the priority to Low or High, if required.
- Select Scan Severity . The Scan Severity is High by default. You can change the priority to Low or Medium, if required.You can reset the Scan setting to default with Reset Default button, if required.
Patch Scan
This feature allows you to configure a schedule for scanning missing patches.
To configure a patch scan schedule, follow these steps.
- Select a weekday from the drop down menu.
- In Start At, set time in hours and minutes.
- If you want to repeat scanning of your clients, set the frequency to repeat the scan in weeks.
- Select the Run task immediately if missed checkbox if you want to run the scan if missed the set schedule.
- Under Patch Install Settings, select the Automatic install the missing software patches check box.
- Select the Allow auto-restart the system check box.
EFS Scan
Here you can define schedules to do EFS scan at a preferred or specified frequency.
To configure EFS Schedule Scan, follow these steps:
- In Frequency, select either the Daily or Weekly option. If you select the Weekly option, select the weekday from the list.
- In Start At, set time in hours and minutes.
- If you want to repeat EFS scanning, select the Repeat Scan check box and set the frequency of interval after which the scan should be repeated.
- Select the Run task immediately if missed check box.