Scan Settings (general)
|
-
Exclude Microsoft Exchange server folders and files from
scans: Prevents the Trend Vision One Endpoint Security agent installed on the Microsoft Exchange server from
scanning the following Exchange server folders:
-
The following folders in \Exchsrvr\Mailroot\vsi
1 : Queue , PickUp , and
BadMail
-
.\Exchsrvr\mdbdata , including these files:
priv1.stm , priv1.edb , pub1.stm ,
and pub1.edb
-
.\Exchsrvr\Storage Group
For Microsoft Exchange 2007 or later folders, you need to
manually add the folders to the scan exclusion list. For scan exclusion details, see
the
following website:
-
Enable deferred scanning on file operations: Allows users to
copy files and then scans the files after the copy process completes to improve the
performance of the copy and scan processes
|
Important
Deferred scanning requires that the Virus Scan Engine (VSAPI) be version 9.713 or
later.
|
-
Enable Early Launch Anti-Malware protection on endpoints:
Allows the Trend Vision One Endpoint Security agent to load and start scanning before other third-party
software drivers during start up (only supported on Windows 8, Windows Server 2012
or
later versions)
|
Note
After scanning all third-party software drivers, the Trend Vision One Endpoint Security agent
reports the driver classification information to the system kernel. Administrators
can
define actions based on the driver classifications in Group Policy in Windows and
view
scan results using Event Viewer on endpoints.
|
|
Scan Settings for Large Compressed Files
|
In the Real-time Scan and Manual Scan/Scheduled
Scan/Scan Now sections, configure the following settings:
-
Do not scan files if the compressed file size exceeds XX MB:
Enables the Trend Vision One Endpoint Security agent to check the sizes of individual files within a
compressed archive and skips scanning files if the individual file size exceeds the
configured threshold
-
In a compressed file, scan only the first XX files: Prevents
the Trend Vision One Endpoint Security agent from scanning all files in archives that contain
more files than the configured threshold
|
Virus/Malware Scan Settings Only
|
Clean/Delete infected files within compressed files: The Trend Vision One Endpoint Security agent
attempts to perform the Clean or Delete action on compressed files within
certain archive types that contain malware threats
|
Note
The Trend Vision One Endpoint Security agent only attempts to Clean or Delete
malware threats within compressed archives if you have configured the Clean or
Delete action for the type of malware detected.
|
|
Spyware/Grayware Scan Settings Only
|
Scan for cookies: The Trend Vision One Endpoint Security agent
scans all cookies for spyware/grayware
|
Scheduled Scan Settings
|
-
Remind users of the Scheduled Scan XX minutes before it runs:
Displays a notification message on the endpoint before Scheduled Scan begins
|
Note
You can disable the notification message on the Other
Settings tab of the Privileges and Other Settings
screen.
|
-
Postpone Scheduled Scan for up to XX hour(s) and XX minute(s):
Sets the maximum amount of time users with the Postpone Scheduled
Scan privilege can delay or pause a Scheduled Scan for
|
Note
You can grant the Postpone Scheduled Scan privilege on the
Privileges tab of the Privileges and Other
Settings screen.
|
-
Automatically stop Scheduled Scan when scanning lasts more than XX hour(s)
and XX minute(s): Stops a long Scheduled Scan after reaching the
configured time duration
-
Skip Scheduled Scan when a wireless endpoint's battery life is less than
XX% and its AC adapter is unplugged: Prevents the Trend Vision One Endpoint Security agent
from starting a Scheduled Scan if the battery life is low
Resume Scheduled Scan
-
Resume an interrupted Scheduled Scan: Resumes a Scheduled Scan
at the specified time if the user interrupted the scan by turning off the endpoint
-
Resume a missed Scheduled Scan: Starts a Scheduled Scan at the
specified time if the endpoint was not running when the Scheduled Scan should have
started
|
Firewall Settings
|
-
Send
firewall logs to the server every:
Sets the frequency that Trend Vision One Endpoint Security agents with the
Allow Security Agents to send firewall
logs to the Apex One server privilege
send Firewall logs to the server
|
Note
You can grant the
Allow Security Agents to send firewall
logs to the Apex One server privilege
on the Privileges tab of
the Privileges and Other
Settings screen.
|
-
Update the Apex One firewall driver
only after a system restart: Prevents
the Trend Vision One Endpoint Security agent from attempting
to update the Common Firewall Driver during normal
operations
-
Send
firewall log count information to the Apex One
server hourly to determine the possibility of a
firewall outbreak: Enables the Trend Vision One Endpoint Security agent to send Firewall
detection counts to the Trend Vision One hourly
|
Behavior Monitoring Settings
|
Automatically take action if the user does not respond within: XX
second(s): Sets the maximum amount of time that users have before Behavior
Monitoring allows a program to execute
|
Note
You must enable Event Monitoring and set the action for the particular event to
Ask when necessary before the Trend Vision One Endpoint Security agent
displays the prompt.
|
|