Policy Enforcement > Add Policy (Step 3: Specify Enforcement Policy)
A brief description of the options on this screen is available below.
Antivirus Product Scan—select this option to ensure that endpoints have antivirus applications installed.
Endpoint Action—select whether to monitor or block noncompliant endpoints.
Remedy—if you select block noncompliant endpoints, you can choose to redirect endpoint browsers to a specific URL. You can use this option to point users to a page where they can download a copy of your recommended antivirus product. Clicking Edit URL opens a popup window with options for customizing the redirection URL and navigation options for endpoint users.
Only use networking protocols to assess Trend Micro products—select this option to allow Network VirusWall Enforcer to perform agentless remote assessment.
Antivirus Version Scan—select this option to ensure that antivirus pattern files on endpoints are current.
Endpoint Action—select whether to monitor or block noncompliant endpoints.
Remedy—if you select block noncompliant endpoints, you can choose to redirect endpoint browsers to a specific URL. You can use this option to point users to a page where they can perform an update. Clicking Edit URL opens a popup window with options for customizing the redirection URL and navigation options for endpoint users.
Require the latest virus pattern file—select this option to check whether endpoints are running the latest pattern file for their antivirus product
Allow virus pattern files that are—select this option to set a lower bar for compliance. You can tell Network VirusWall Enforcer to allow endpoints with patterns that are up to four versions older than the latest pattern
System Threat Scan—select this option to scan for viruses/malware and spyware/grayware on endpoints.
Endpoint Action—select whether to monitor or block noncompliant endpoints.
Remedy—if you select block noncompliant endpoints, you can choose to redirect endpoint browsers to a specific URL. You can use this option to point users to a page where they can perform a system scan. Clicking Edit URL opens a popup window with options for customizing the redirection URL and navigation options for endpoint users.
Vulnerability Scan—select this option to check endpoints for patches against known vulnerabilities in Microsoft products. You can check for vulnerabilities based on their severity levels. Note that you can select specific vulnerabilities by selecting a severity level. The checkbox for a specific severity level remains selected when at least one specific vulnerability in the severity level has been selected for assessment.
Endpoint Action—select whether to monitor or block noncompliant endpoints.
Remedy—if you select block noncompliant endpoints, you can choose to redirect endpoint browsers to a specific URL. You can use this option to point users to a page where they can download patches. Clicking Edit URL opens a popup window with options for customizing the redirection URL and navigation options for endpoint users.
Registry Scan—Select this option to require or prohibit registry keys. You can add up to 64 registry keys.
Endpoint Action—select whether to monitor or block noncompliant endpoints.
Remedy—if you select block noncompliant endpoints, you can choose to redirect endpoint browsers to a specific URL. You can use this option to point users to a page where they can see additional information on compliance. Clicking Edit URL opens a popup window with options for customizing the redirection URL and navigation options for endpoint users.
Send policy violation data to syslog—select this option to send a log entry to syslog whenever one of the assessment criteria returns a match.
Notify endpoints about policy violations—select this option to display popup notifications on endpoints that violate this section of the policy.
About Actions and Remediation Methods
About Vulnerabilities and Their Severity