Views:

Users can manually initiate Scan Now on selected endpoints and deploy the scan settings on one or several target endpoints.

  1. Go to Agents > All.
  2. Click the All group on the Agents screen. The Agents screen displays a list of agents managed by StellarOne.
  3. Select one or more endpoints (agents or groups) by clicking the checkboxes next to them.
  4. Click the Protection button from the Tool Bar at the top of the Agents screen.
  5. A pop-up window appears. Click the Scan Now option.
  6. Click Confirm.
  7. The configuration window appears.
  8. The configuration window consists of three sections: Files to Scan, Scan Action, and Scan Exclusions.
    Note:

    The StellarProtect (Legacy Mode) agents will automatically attempt to download the latest components before starting a scan. A Component Update toggle is available for users to determine whether the endpoints should continue with the scan if the component update is unsuccessful.

    1. In the Files to Scan section, click All local folders to scan all files in detail; click Default folders (Quick Scan) for a general scan; or click Specific folders to specify the paths to the folders for scan.
      Tip:

      Under the Specific folders option, click the "+" or "-" icon to add or delete paths to the specific folders.

      • (Optional and StellarProtect (Legacy Mode) only) Check Scan removable drives to allow scanning files in removable drives

      • (Optional) Check Scan compressed files and select the Maximum layers between 1 and 20 for the compressed files.

      • (Optional) To skip files over a certain size, check Skip files larger than and specify the file size between 1 and 9999 MB. Files exceeding the specified file size will not be scanned.

      • (Optional and StellarProtect only) Check Aggressive scan (include all OT applications and CA files) to allow scanning files in existing trusted list.

    2. In the Scan Action section, users per-define the action once threats are detected during the scanning process. Select Quarantine to place the suspicious or infected files detected in an isolated folder for further checking. Select No action to produce only a readout of results with no actions taken on the suspicious files.

      Note:
      The StellarProtect (Legacy Mode) agents provide more choices such as:

      • Use ActiveAction: the pre-configured scan actions, which are best to use if you are not familiar with scan actions or if you are not sure which scan action is suitable.

      • Clean, or delete if the clean action is unsuccessful: to delete the target file if it cannot be recovered.

      • Clean, or quarantine if the clean action is unsuccessful: to quarantine the target file if it cannot be recovered.

      • Clean, or ignore if the clean action is unsuccessful: to ignore the target file if it cannot be recovered.

    1. (Optional) The Scan Exclusions section provides users an option to exclude certain folders, files, or file extensions from being scanned.

      • Folders: specify a path to the folders that do not require scanning.

      • Files: specify a path to the files that do not require scanning.

      • File Extensions: specify the file extension of certain files that do not require scanning.

        Note:
        • StellarProtect supports only local paths for Scan Exclusions. Remote paths such as an URL or \\[Hostname] are not supported.

        • It is not required to add ".” or “*.” in front of the file extension.

      Tip:

      Click the "+" or "-" icon to add or delete paths to the specific folders/files or file extensions for specific file types .

  9. Click OK to deploy the settings to the selected endpoints.
  10. The Command Deployment window appears showing the deployment status. Click the Close button to close the window.
Parent topic: Protection