Views:

Real-Time Scan provides persistent and ongoing file scan for the endpoints. Each time a file is received, opened, downloaded, copied, or modified, Real-Time Scan always scans the file for security assessment. After performing the Real-Time Scan, users can proceed to access the file if it does not pose a security threat. However, if a security risk or possible virus/malware has been detected during the scanning, associated events indicating the name of the infected file and the specific security risk will be generated for furthur investigation.

Moreover, a persistent scan cache is maintained and reloaded each time the Real-Time Scan is executed. The Real-Time Scan tracks any changes made to files or folders that have occurred until the function is disabled and the files are unloaded and removed from the scan cache.

  1. Go to Agents > All.
  2. Navigate to the target agent or group, and then go to its Policy page.
    Note:

    For instructions on how to go to the Policy page, see Go to the Agent View for a single agent or Go to the Group Policy Screen for a group of agents.

  3. Go to the Real-Time Scan section in the Multi-Method Threat Prevention pane.
  4. Toggle on the Real-Time Scan.
    Note:

    See Advanced Settings for instructions on how to configure the types of the files to be scanned, the action to take after possible security risk is detected, and the scan exclusion list.

Parent topic: Multi-Method Threat Prevention