virusscanningaction

Security Risk Scan: Action

When ScanMail detects a file that matches your scanning configurations, it executes an action to protect your Exchange environment. The type of action it executes depends on the type of scan it is performing (real-time, manual, or scheduled), the server role in Exchange Server 2010 and 2007, and the type of actions you have configured for that scan.

A brief description of the options available on this screen is available below.

• ActiveAction: Perform scan actions recommended by Trend Micro. See About Scan Actions for more information.

• Customized action for detected threats: Select to perform an action over all security risks or specify an action for each threat. See ScanMail actions for more information.

• Advanced Options: Specify advanced options for Macros, Unscannable Parts, Backup and Quarantine Settings, and Replacement Settings.

• Note: Select Enable IntelliTrap from the Target tab to detect packed files.

Specifying Security Risk Scan Action Settings

To configure security risk scan action settings:

1. Log on to the product console.

2. Click Security Risk Scan. The Security Risk Scan screen displays.

3. Click the Action tab. The Action screen displays.

4. Select one of the following:

• ActiveAction

• Customized action for detected threats:

5. To backup the infected file, select Backup infected file before performing action.

6. Select Do not clean infected compressed files to optimize performance. if performance improvement is required.

7. Configure Advanced Options as necessary.

1. Click Macros to configure macro scan.

1. Select Enable advanced macro scan.

2. Select one of the following:

• Heuristic level

• Delete all macros detected by advanced macro scan

2. Click Unscannable Message Parts to specify actions for encrypted and password protected files and files not in the scan restriction criteria.

• Select Replace with text/file, Quarantine entire message, Delete entire message, Pass, or Quarantine message part.

• Select Do not notify or Notify to send notifications when this action is triggered.

3. Click Backup and Quarantine Setting to specify the directory paths.

4. Click Replacement Settings to configure the text or file name that replaces infected content.

1. Specify the Replacement file name.

2. Specify the Replacement text.

8. Click Save.

See also:

• About Security Risk Scans

• Security Risk Scan: Target

• Security Risk Scan: Notification

• Trend Micro™ ActiveAction™