Procedure
- In the Virus/Malware section, configure the
required settings.
- Select the type of action that the Trend Vision One Endpoint Security agent takes
after detecting a security threat.
-
Use ActiveAction: Select to use a set of pre-configured scan actions for viruses/malwareFor more information, see ActiveAction.
-
Customize action for probable virus/malware: Select and specify the action that the Trend Vision One Endpoint Security agent takes on probable malware threats
-
-
Use the same action for all virus/malware types: Specify the action that the Trend Vision One Endpoint Security agent takes on all malware threats
-
Use a specific action for each virus/malware type: Specify the action that the Trend Vision One Endpoint Security agent takes on specific security threatsFor more information, see Custom Scan Actions.
-
- Select the types of notification that display to end users.
-
Display a notification when virus/malware is detected: Select to display a notification informing the Trend Vision One Endpoint Security agent user when a malware detection occurs
-
Display a notification when probable virus/malware is detected: Select to display a notification informing the Trend Vision One Endpoint Security agent user when a probable malware detection occurs
-
- Select Back up files before cleaning to create an
encrypted copy of the infected file on the endpoint in the
<Agent installation folder>\Backup
folder.Creating a backup copy of the file allows you to restore the original version of the file if necessary. - Specify the location of the quarantine directory.
-
Quarantine to the Security Agent's managing server: The Trend Vision One Endpoint Security agent sends an encrypted copy of all quarantined files to the managing Apex One server
-
Quarantine directory: The Trend Vision One Endpoint Security agent sends an encrypted copy of all quarantined files to the specified location
For more information, see Quarantine Directory. -
- In the Damage Cleanup Services section, configure the
following:
-
Run cleanup when probable virus/malware is detected: Performs the configured cleanup type on probable malware threats
Note
You can only select this option if the action on probable virus/malware is not Pass or Deny Access.
-
- Select the type of action that the Trend Vision One Endpoint Security agent takes
after detecting a security threat.
- In the Spyware/Grayware section, select
the action the Trend Vision One Endpoint Security agent takes after detecting spyware or grayware programs.
-
Clean: Terminates all related processes and deletes associated registry values, files, cookies and shortcuts
Note
After cleaning spyware/grayware, Trend Vision One Endpoint Security agents back up spyware/grayware data, which you can restore if you consider the spyware/grayware safe to access. -
Deny access: Prevents the end user from opening or copying the spyware or grayware components
-
Display a notification on endpoints when spyware/grayware is detected: Select to display a notification informing the Trend Vision One Endpoint Security agent user when a spyware/grayware detection occurs
-