This feature allows you to define a policy on how to initiate the scan of the endpoints. The policy can be refined to enable Virus Protection or DNA scanning or include blocking of any suspicious packed files, and other settings.
To configure policy for Scan, follow these steps:
- Create Container/feature policy for Scan.
- On the Feature Policy page, you can see the following list of settings with expand sign and toggle button. Expand and enable settings that you want to configure.
- Virus Protection
- Exclude Files and Folders
- Exclude Extensions
- Advanced DNAScan
- Disconnect Infected Endpoints from the network
- Block suspicious packed files
- Automatic Rogueware Scan
- Scan External Drive
- Autorun Protection
- To save your settings, click Save Policy.
Importantly, if you have customized the settings and later you want to revert to the default settings, you can do so by clicking the Reset Default button.
Under Scanner, you can select either of the following scanning options:
- Automatic: This is the default scan setting that ensures optimum protection to the clients.
- Advanced: If you select this option, you may further need to customize the configuration of scanning options as per your requirement. When you select this option, other features are activated that are described as follows:
|Select items to scan||Select either of the options to scan: Scan executable files: Includes scanning of executable files only. Scan all files: Includes scanning of all files, but takes longer time for scanning.|
|Scan Packed Files||Scans packed files inside an executable file.|
|Scan Mailboxes||Scans Emails inside the mailbox files.|
|Scan Archive Files||Scans compressed files such as ZIP and ARJ files including other files.|
|Archive Scan Level||You can set the level for scanning in an archive file. The default scan level is set to 2. You can increase the scan level up to 16, however, that may affect the scanning speed.|
|Action to be performed when virus is found in archive file.||You can select an action that you want to take when a virus is found in archive file during an on-demand scan. You can select any one of the following actions: · Delete – Deletes the entire archive file even if a single file within the archive is infected. · Quarantine – Quarantines the archive containing the infected files. · Skip – Takes no action even if a virus is found in an archive file.|
|Action to be performed when a virus is found.||You can select an action that you want to take when a virus is found during manual scan. You can select any one of the following actions: · Repair – All the infected files are repaired automatically. The files that are not repairable are deleted. · Delete – All the infected files are deleted automatically. · Skip – Takes no action even if a virus is found in a file.|
This feature helps you continuously monitor the endpoints against viruses that may infiltrate from sources such as email attachments, Internet downloads, file transfer, and file execution. By default, Virus Protection is enabled to keep the endpoints clean and secure from any potential threats.
|Load Virus protection at Startup||Enables real-time protection to load every time the system is started.|
|Display Alert messages||Displays an alert message with virus name and file name, whenever any infected file is detected by the virus protection.|
|Report source of infection||Displays the source IP address of the system where the virus is detected.|
|Select action to be performed when a virus is found||You can select an action that you want to take when a virus is found during manual scan. You can select any one of the following actions: – Repair – All the infected files are repaired automatically. The files that are not repairable are deleted. – Delete – All the infected files are deleted automatically. – Deny Access – Access to an infected file is blocked.|
Exclude Files and Folders
This feature helps you decide which files and folders should be omitted from scanning for known viruses, Advanced DNAScan, and Suspicious Packed files. It is helpful in case you trust certain files and folders and want to exclude them from scanning.
To add a file or a folder, follow these steps:
- In Exclude File and Folders section, click Add.
- On the Exclude Item screen, select either of the following:
- Exclude Folder: If you select Exclude Folder, type the folder path in the Enter folder path text box. If you want to exclude a subfolder also from scanning, select Include Subfolder.
- Exclude File: If you select Exclude File, type the file path in the Enter file path text box.
- Exclude MD5 checksum: If you select Exclude MD5 Checksum, type the checksum in Exclude MD5 Checksum text box. MD5 checksum is a 32-character hexadecimal number which is the fingerprint of the file. With MD5 checksum, you can verify whether your downloaded file got corrupted or not in transit.
- In Exclude from section, select the following options as per your requirement:
- Known Virus Detection
- Suspicious Packed Files Scan
- Behavior Detection
- To save your settings, click OK.
- If you select Known Virus Detection, DNAScan and Suspicious Packed File Scan will also be enforced, and all the three options will be selected.
- If you select DNAScan, Suspicious Packed File Scan will also be enforced, and both the options will be selected.
- However, you can select Suspicious Packed File Scan or Behavior Detection as a single option.
When you select the Exclude MD5 checksum option, all the above options are selected, by default. Anti-Ransomware option is available only in the Exclude MD5 checksum selection.
This feature helps you to exclude the files from scanning using their extensions to provide a real-time virus protection. This is helpful in troubleshooting performance related issues by excluding certain categories of files that may be causing the issue.
To exclude a file extension from scanning, follow these steps:
- Type an extension in the Enter Extension text box, and then click Add.
The file extension should be without any dots in the following format: xml, html, zip etc.
The Exclude Extensions feature is available only in the clients with Windows and Mac operating systems.
Helps you safeguard the client systems even against new and unknown malicious threats whose signatures are not present in the virus definition database. DNAScan is an indigenous technology of SEQRITE to detect and eliminate new types of malware in the system. DNAScan technology successfully traps suspected files with very less false alarms.
Advanced DNAScan Settings also includes the following:
|Enable DNAScan||Helps in scanning the systems based on Digital Network Architecture (DNA) pattern.|
|Enable Behavior detection system||Helps in scanning the files and systems based on their behavior. If the files or systems behave suspiciously or their behavior changes by itself is considered as suspicious. This detection can be categorized based on their criticality level as Low, Moderate, and High. You can select the detection criticality level depending on how often the suspicious files are reported in your systems.|
|Submit suspicious files||Helps in submitting suspicious files to the SEQRITE research lab automatically for further analysis.|
|Show notification while submitting files||Displays a notification while submitting DNA suspicious files.|
- The Advanced DNAScan Settings feature is available only in the clients with Windows operating systems.
- The ‘Behavior detection system’ scan setting is not applicable for Windows Server platforms.
Disconnect Infected Endpoints from the network
This feature when enabled disconnects the infected endpoints from the network when non-repairable virus is found.
Select the When non-repairable virus found check box to disconnect infected endpoint.
Disconnect Infected Endpoints feature is not supported on Mac operating system.
Block suspicious packed files
This feature helps you identify and block access to the suspicious packed files. Suspicious packed files are malicious programs that are compressed or packed and encrypted using a variety of methods. These files when unpacked can cause serious harm to the endpoint systems.
It is recommended that you always keep this option enabled to ensure that the clients do not access any suspicious files and thus prevent the spread of infection.
The Block suspicious packed files feature is available only in the clients with Windows operating systems.
Automatic Rogueware Scan
This feature automatically scans and removes rogueware and fake antivirus software. If this feature is enabled, all the files are scanned for possible rogueware present in a file.
The Automatic Rogueware Scan feature is available only in the clients with Windows operating systems.
Scan External Drives
Whenever your system comes in contact with any external devices, your system is at risk that viruses and malwares may infiltrate through them. This feature allows you to set protection rules for external devices such as; CDs, DVDs, and USB-based drives.
With External Drives Settings, you can scan the USB-based drives as soon as they are attached to your system. The USB-based drives should always be scanned for viruses before accessing it from your system, as these devices are convenient mediums for transfer of viruses and malwares from one system to another.
The Autorun Protection protects your system from autorun malware that tries to sneak into the system from USB-based devices or CDs/DVDs using the autorun feature of the installed operating system.