This feature allows you to define a policy on how to initiate the scan of the client systems in your organization.
The policy can be refined to enable Virus Protection or DNA scanning or include blocking of any suspicious packed files, and other settings.
To create a policy for Scan Settings, follow these steps:
- Log on to the Seqrite Endpoint Security Web console.
- Go to Settings > Client Settings > Scan Settings.
- Under Scanner Settings, select the scan mode. The Scan Mode includes Automatic and Advanced. You can enable Virus Protection, Advanced DNAScan, Block Suspicious Files, Automatic Rogueware Scan, Disconnect Infected Endpoints from the network, Exclude files and folders, and exclude extensions from being scanned.
- To save your setting, click Save Policy.
Under Scanner Settings, you can select either of the following scanning options:
- Automatic*: This is the default scan setting that ensures optimum protection to the clients.
- Advanced: If you select this option, you may further need to customize the configuration of scanning options as per your requirement. When you select this option, other features are activated that are described as follows:
|Select items to scan||Select either of the options to scan: Scan executable files: Includes scanning of executable files only. Scan all files: Includes scanning of all files but takes longer time for scanning.|
|Scan Packed Files*||Scans packed files inside an executable file.|
|Scan Mailboxes*||Scans emails inside the mailbox files.|
|Scan Archive Files*||Scans compressed files such as ZIP and ARJ files including other files.|
|Archive Scan Level||You can set the level for scanning in an archive file. The default scan level is set to 2. You can increase the default scan level, however, that may affect the scanning speed.|
|Select action to be performed when virus is found in archive file.||You can select an action that you want to take when a virus is found in archive file during an on-demand scan. You can select any one of the following actions: · Delete – Deletes the entire archive file even if a single file within the archive is infected. · Quarantine – Quarantines the archive containing the infected files. · Skip – Takes no action even if a virus is found in an archive file.|
|Select action to be performed when a virus is found.||You can select an action that you want to take when a virus is found during manual scan. You can select any one of the following actions: · Repair – All the infected files are repaired automatically. The files that are not repairable are deleted. · Delete – All the infected files are deleted automatically. · Skip – Takes no action even if a virus is found in a file.|
Virus Protection Settings
This feature helps you continuously monitor the client systems against viruses that may infiltrate from sources such as email attachments, Internet downloads, file transfer, and file execution. It is recommended that you always keep Virus Protection enabled to keep the client systems clean and secure from any potential threats.
This feature gives signature-based protection to all endpoints in the network.
With Virus Protection, you can configure the following:
|Load Virus protection at Startup||Enables real-time protection to load every time the system is started.|
|Display Alert messages||Displays an alert message with virus name and file name, whenever any infected file is detected by the virus protection.|
|Report source of infection||Displays the source IP address of the system where the virus is detected.|
|Select the action to be performed when a virus is found||You can select an action that you want to take when a virus is found during manual scan. You can select any one of the following actions: · Repair – All the infected files are repaired automatically. The files that are not repairable are deleted. · Delete – All the infected files are deleted automatically. · Deny Access – Access to an infected file is blocked.|
Advanced DNAScan Settings
Helps you safeguard the client systems even against new and unknown malicious threats whose signatures are not present in the virus definition database. DNAScan is an indigenous technology of Seqrite to detect and eliminate new types of malware in the system. DNAScan technology successfully traps suspected files with very less false alarms.
Advanced DNAScan Settings also includes the following:
|Enable DNAScan||Helps in scanning the systems based on Digital Network Architecture (DNA) pattern.|
|Enable Behavior detection system||Helps in scanning the files and processes (host based) on their behavior. If the files or systems behave suspiciously or their behavior changes by itself is considered as suspicious. This detection can be categorized based on their criticality level as Low, Moderate, and High. You can select the detection criticality level depending on how often suspicious files are reported in your systems. BDS|
|Submit suspicious files||Helps in submitting suspicious files to the Seqrite research lab automatically for further analysis.|
|Show notification while submitting files||Displays a notification while submitting DNA suspicious files.|
- The Advanced DNAScan Settings feature is available only in the clients with Windows operating systems.
- The ‘Behavior detection system’ scan setting is not applicable for Windows XP 64-bit and Windows Server platforms.
Block suspicious packed files
This feature helps you identify and block access to the suspicious packed files. Suspicious packed files are malicious programs that are compressed or packed and encrypted using a variety of methods. These files when unpacked can cause serious harm to the endpoint systems.
It is recommended that you always keep this option enabled to ensure that the clients do not access any suspicious files and thus prevent the spread of infection.
The Block suspicious packed files feature is available only in the clients with Windows operating systems.
Automatic Rogueware Scan Settings
This feature automatically scans and removes rogueware and fake antivirus software. If this feature is enabled, all the files are scanned for possible rogueware present in a file.
The Automatic Rogueware Scan feature is available only in the clients with Windows operating systems.
Disconnect Infected Endpoints from the network
This disconnects the infected endpoints from the network. The following options are available:
- When non-repairable virus found: Disconnects the endpoint, if a non-repairable virus is found running in the memory.
- When suspicious file found by DNAScan: Disconnects the endpoint, if any suspicious file is found running in the memory.
The Disconnect Infected Endpoint from the network feature is available only in the clients with Windows operating systems.
Exclude Files and Folders
This feature helps you decide which files and folders should be omitted from scanning for known viruses, Advanced DNAScan, and Suspicious Packed files. It is helpful in case you trust certain files and folders and want to exclude them from scanning.
To add a file or a folder, follow these steps:
Log on to the Seqrite Endpoint Security Web console.
Go to Settings > Client Settings > Scan Settings.
Under Exclude File and Folders, click Add. For Mac OS, use only forward slash (/) in the folder path. Example: /Users/Admin/ExcludeList.
On the Exclude Item screen, select either of the following:
- Exclude Folder: If you select Exclude Folder, type the folder path in the Enter folder path text box.If you want a subfolder also to be excluded from scanning, select Include Subfolder.
- Exclude File: If you select Exclude File, type the file path in Enter file path text box.
- Exclude MD5 checksum: If you select Exclude MD5 Checksum, type the checksum in Enter MD5 Checksum text box.
MD5 checksum is a 32-character hexadecimal number which is the fingerprint of the file. With MD5 checksum, you can verify whether your downloaded file got corrupted or not in transit.
Under Exclude from, select any one option as per your requirement:
- Known Virus Detection
- Suspicious Packed Files Scan
- Behavior Detection
When you select the Exclude MD5 checksum option, all the above options are selected, by default. Anti-Ransomware option is available only in the Exclude MD5 checksum selection.
To save your settings, click OK.
- If you select Known Virus Detection, DNAScan and Suspicious Packed File Scan will also be enforced, and all the three options will be selected.
- If you select DNAScan, Suspicious Packed File Scan will also be enforced, and both the options will be selected.
- However, you can select Suspicious Packed File Scan or Behavior Detection as a single option.
This feature helps you exclude the files from scanning by real-time virus protection by their extensions. This is helpful in troubleshooting performance related issues by excluding certain categories of files that may be causing the issue.
To exclude a file extension from scanning, follow these steps:
- Under Exclude Extensions, type an extension in the file extension name text box, and then click Add.
The file extension should be without any dots in the following format: xml, html, zip etc.
The Exclude Extensions feature is available only in the clients with Windows and Mac operating systems.