nacrucom
Rules include security posture criteria, default responses associated with clients, and actions that clients and the Policy Server perform.
Rules include the following security posture criteria:
Client machine state: If the client computer is in the booting state or not
Client Real-time Scan status: If Real-time Scan is enabled or disabled
Client scan engine version currency: If the Virus Scan Engine is up-to-date
Client virus pattern file status: How up-to-date the Virus Pattern is. The Policy Server determines this by checking one of the following:
If the Virus Pattern is a certain number of versions older than the Policy Server version
If the Virus Pattern became available a certain number of days prior to the validation
Responses help you understand the condition of OfficeScan clients on the network when client validation occurs. The responses, which appear in the Policy Server client validation logs, correspond to posture tokens. Choose from the following default responses:
Healthy: The client computer conforms to the security policies and is not infected.
Checkup: The client needs to update its antivirus components.
Infected: The client computer is infected or is at risk of infection.
Transition: The client computer is in the booting state.
Quarantine: The client computer is at high risk of infection and requires quarantine.
Unknown: Any other condition
You cannot add, delete, or modify responses.
If the client security posture matches the rule criteria, the Policy Server can carry out the following action:
Creates an entry in a Policy Server client validation log (see Client Validation Logs for more information)
If the client security posture matches the rule criteria, the OfficeScan client can carry out the following actions:
Enable client Real-time Scan so the OfficeScan client can scan all opened or saved files (see Real-time Scan for more information)
Update all OfficeScan components (see OfficeScan Components and Programs for more information)
Scan the client (Scan Now) after enabling Real-time Scan or after an update
Display a notification message on the client computer