Views:

Procedure

  1. Select Global Agent Settings.
  2. Click the Security Settings tab.
  3. Configure settings as required.
    Section
    Settings
    Scan Settings (general)
    • Exclude Microsoft Exchange server folders and files from scans: Prevents the Trend Vision One Endpoint Security agent installed on the Microsoft Exchange server from scanning the following Exchange server folders:
      • The following folders in \Exchsrvr\Mailroot\vsi 1: Queue, PickUp, and BadMail
      • .\Exchsrvr\mdbdata, including these files: priv1.stm, priv1.edb, pub1.stm, and pub1.edb
      • .\Exchsrvr\Storage Group
      For Microsoft Exchange 2007 or later folders, you need to manually add the folders to the scan exclusion list. For scan exclusion details, see the following website:
    • Enable deferred scanning on file operations: Allows users to copy files and then scans the files after the copy process completes to improve the performance of the copy and scan processes
      Important
      Important
      Deferred scanning requires that the Virus Scan Engine (VSAPI) be version 9.713 or later.
    • Enable Early Launch Anti-Malware protection on endpoints: Allows the Trend Vision One Endpoint Security agent to load and start scanning before other third-party software drivers during start up (only supported on Windows 8, Windows Server 2012 or later versions)
      Note
      Note
      After scanning all third-party software drivers, the Trend Vision One Endpoint Security agent reports the driver classification information to the system kernel. Administrators can define actions based on the driver classifications in Group Policy in Windows and view scan results using Event Viewer on endpoints.
    Scan Settings for Large Compressed Files
    In the Real-time Scan and Manual Scan/Scheduled Scan/Scan Now sections, configure the following settings:
    • Do not scan files if the compressed file size exceeds XX MB: Enables the Trend Vision One Endpoint Security agent to check the sizes of individual files within a compressed archive and skips scanning files if the individual file size exceeds the configured threshold
    • In a compressed file, scan only the first XX files: Prevents the Trend Vision One Endpoint Security agent from scanning all files in archives that contain more files than the configured threshold
    Virus/Malware Scan Settings Only
    Clean/Delete infected files within compressed files: The Trend Vision One Endpoint Security agent attempts to perform the Clean or Delete action on compressed files within certain archive types that contain malware threats
    Note
    Note
    The Trend Vision One Endpoint Security agent only attempts to Clean or Delete malware threats within compressed archives if you have configured the Clean or Delete action for the type of malware detected.
    Spyware/Grayware Scan Settings Only
    Scan for cookies: The Trend Vision One Endpoint Security agent scans all cookies for spyware/grayware
    • Count cookie into spyware log: The Trend Vision One Endpoint Security agent creates logs for cookies detected as spyware/grayware
    Scheduled Scan Settings
    • Remind users of the Scheduled Scan XX minutes before it runs: Displays a notification message on the endpoint before Scheduled Scan begins
      Note
      Note
      You can disable the notification message on the Other Settings tab of the Privileges and Other Settings screen.
    • Postpone Scheduled Scan for up to XX hour(s) and XX minute(s): Sets the maximum amount of time users with the Postpone Scheduled Scan privilege can delay or pause a Scheduled Scan for
      Note
      Note
      You can grant the Postpone Scheduled Scan privilege on the Privileges tab of the Privileges and Other Settings screen.
    • Automatically stop Scheduled Scan when scanning lasts more than XX hour(s) and XX minute(s): Stops a long Scheduled Scan after reaching the configured time duration
    • Skip Scheduled Scan when a wireless endpoint's battery life is less than XX% and its AC adapter is unplugged: Prevents the Trend Vision One Endpoint Security agent from starting a Scheduled Scan if the battery life is low
    Resume Scheduled Scan
    • Resume an interrupted Scheduled Scan: Resumes a Scheduled Scan at the specified time if the user interrupted the scan by turning off the endpoint
    • Resume a missed Scheduled Scan: Starts a Scheduled Scan at the specified time if the endpoint was not running when the Scheduled Scan should have started
    Firewall Settings
    • Send firewall logs to the server every: Sets the frequency that Trend Vision One Endpoint Security agents with the Allow Security Agents to send firewall logs to the Apex One server privilege send Firewall logs to the server
      Note
      Note
      You can grant the Allow Security Agents to send firewall logs to the Apex One server privilege on the Privileges tab of the Privileges and Other Settings screen.
    • Update the Apex One firewall driver only after a system restart: Prevents the Trend Vision One Endpoint Security agent from attempting to update the Common Firewall Driver during normal operations
    • Send firewall log count information to the Apex One server hourly to determine the possibility of a firewall outbreak: Enables the Trend Vision One Endpoint Security agent to send Firewall detection counts to the Trend Vision One hourly
    Behavior Monitoring Settings
    Automatically take action if the user does not respond within: XX second(s): Sets the maximum amount of time that users have before Behavior Monitoring allows a program to execute
    Note
    Note
    You must enable Event Monitoring and set the action for the particular event to Ask when necessary before the Trend Vision One Endpoint Security agent displays the prompt.
  4. Click Save.