You can configure Security Agents to submit file objects that may contain previously unidentified threats to a Virtual Analyzer for further analysis. After assessing the objects, Virtual Analyzer adds any objects found to contain unknown threats to the Virtual Analyzer Suspicious Object List and distributes the list to other Security Agents throughout the network.
Sample Submission requires that Real-Time Scan is enabled.
The Security Agent does not submit sample files when:
The file size exceeds 50 MB
A file with the same SHA-1 value was submitted within last 30 days
The file already exists in the Scan Exclusion List, Virtual Analyzer Suspicious Object Exception List, or Trusted Program List
Classic Mode: Go to SECURITY AGENTS and select a group. Click > Configure Policy.
Advanced Mode: Go to POLICIES > Policy Management. Click Add or click an existing policy.