PortalProtect guards the
SharePoint Server in a number of ways. Scanning and blocking content is the central
function. You
can configure PortalProtect to take actions
whenever it blocks a file or detects a virus. Furthermore, you can have PortalProtect send notifications of these events to
administrators or other recipients.
-
PortalProtect can scan files or Web content and determine whether any of that content violates a policy. When a violation is detected, PortalProtect will take an action like: quarantine or delete, as pre-configured by the administrator.
-
PortalProtect can scan URLs in files or Web content to detect malicious URL, it takes an action like: block or pass, as pre-configured by the administrator.
-
PortalProtect can block files based on the file extension, file name, or true file type. When it detects a file type, it takes an action like: quarantine or delete, as pre-configured by the administrator.
-
Scanning employs the latest version of the Trend Micro scan engine to detect viruses and other malicious code. When PortalProtect detects a virus or malicious code, it performs a number of actions like: quarantine or delete, according to how the administrator has it configured. The scan engine can maintain multiple threads, thus processing many requests simultaneously. It can also prioritize requests.
PortalProtect provides constant feedback and
reporting to keep you informed about the latest security threats and system status.
It logs
significant events like: component updates and scan actions. You can query these events
to create
logs that provide you with current and detailed information. You can also set PortalProtect to generate reports that can be
printed or exported for analysis.
The scan engine scans all content according to the following models:
-
Real-time Scan–When you have enabled SharePoint Server antivirus features, PortalProtect performs a scan in real time on the file whenever the file is checked in, checked out, saved or retrieved. It scans all incoming or outgoing files for viruses or other malicious code. The scan engine has the capacity to maintain multiple threads and process many requests simultaneously.
-
Manual Scan (Scan Now)–Manual Scan occurs momentarily after you start it and scans all or some of the files in your Document Library, depending on the configuration. You can configure a scan task to scan all or some of the folders stored in the database. Manual scan provides an immediate way to secure the content on you SharePoint servers.
-
Scheduled Scan–Scans all or some of the files in your Document Library, depending on the configuration. You set the time and frequency of the scan. Scheduled Scan automates routine scans on your SharePoint servers, improves antivirus management efficiency, and gives you more control over your antivirus policy.
Trend Micro recommends you use a
combination of scanning tasks to create a secure SharePoint environments. When you
configure
and perform a manual scan, it removes the threats from the content stored on the SQL
Server
content store. When you configure and enable real-time scanning, it protects your
SharePoint
servers from new threats as they arise. Finally, running regularly scheduled scans
maintains a
secure SharePoint environment.