-
In the Virus/Malware section, configure the
required settings.
-
Select the type of action that the Security Agent takes
after detecting a security threat.
-
Use ActiveAction: Select to use a set of pre-configured scan actions for viruses/malware
For more information, see ActiveAction.
-
Customize action for probable virus/malware: Select and specify the action that the Security Agent takes on probable malware threats
-
-
Use the same action for all virus/malware types: Specify the action that the Security Agent takes on all malware threats
-
Use a specific action for each virus/malware type: Specify the action that the Security Agent takes on specific security threats
For more information, see Custom Scan Actions.
-
-
Select the types of notification that display to end users.
-
Display a notification when virus/malware is detected: Select to display a notification informing the Security Agent user when a malware detection occurs
-
Display a notification when probable virus/malware is detected: Select to display a notification informing the Security Agent user when a probable malware detection occurs
-
-
Select Back up files before cleaning to create an
encrypted copy of the infected file on the endpoint in the <Agent installation
folder>\Backup folder.
Creating a backup copy of the file allows you to restore the original version of the file if necessary.
-
Specify the location of the quarantine directory.
-
Quarantine to the Security Agent's managing server: The Security Agent sends an encrypted copy of all quarantined files to the managing Apex One server
-
Quarantine directory: The Security Agent sends an encrypted copy of all quarantined files to the specified location
For more information, see Quarantine Directory.
-
-
In the Damage Cleanup Services section, configure the
following:
-
Cleanup type
-
Standard cleanup: The Security Agent performs any of the following actions during standard cleanup:
-
Detects and removes live Trojans
-
Kills processes that Trojans create
-
Repairs system files that Trojans modify
-
Deletes files and applications that Trojans drop
-
-
Advanced cleanup: In addition to the standard cleanup actions, the Security Agent stops activities by rogue security software (also known as FakeAV) and certain rootkit variants.
-
-
Run cleanup when probable virus/malware is detected: Performs the configured cleanup type on probable malware threats
Note:You can only select this option if the action on probable virus/malware is not Pass or Deny Access.
-
-
Select the type of action that the Security Agent takes
after detecting a security threat.
-
In the Spyware/Grayware section, select
the action the Security Agent takes after detecting spyware or grayware programs.
-
Clean: Terminates all related processes and deletes associated registry values, files, cookies and shortcuts
Note:After cleaning spyware/grayware, Security Agents back up spyware/grayware data, which you can restore if you consider the spyware/grayware safe to access.
-
Pass: Logs the detection but allows the program to execute
-
Display a notification on endpoints when spyware/grayware is detected: Select to display a notification informing the Security Agent user when a spyware/grayware detection occurs
-
-
In the Advanced Malware Detection section, select
an option and configure the required setting.
-
Use ActiveAction: Select to use a set of pre-configured scan actions on detected portable executable files. This is the recommended option.
For more information, see ActiveAction.
-
Use the same action for all portable executable files with threats: Select to apply one of the following actions on detected portable executable files.
-
Quarantine: The system automatically quarantines the detected portable executable files.
-
Pass: The system generates a detection log but does not apply any action on detected portable executable files.
-
Note:If a detected portable executable file is in the Scan Exclusion list, the system does not apply any action on the file.
-
Views: