Enabling Sample Submission

You can configure Security Agents to submit file objects that may contain previously unidentified threats to a Virtual Analyzer for further analysis. After assessing the objects, Virtual Analyzer adds any objects found to contain unknown threats to the Virtual Analyzer Suspicious Object List and distributes the list to other Security Agents throughout the network.

Sample Submission requires that Real-Time Scan is enabled.

The Security Agent does not submit sample files when:

  • The file size exceeds 50 MB

  • A file with the same SHA-1 value was submitted within last 30 days

  • The file already exists in the Scan Exclusion List, Virtual Analyzer Suspicious Object Exception List, or Trusted Program List

  1. Go to the Configure Policy screen by performing one of the following:

    • Classic Mode: Go to SECURITY AGENTS and select a group. Click > Configure Policy.

    • Advanced Mode: Go to POLICIES > Policy Management. Click Add or click an existing policy.

  2. Click Windows.
  3. Go to Sample Submission.
  4. Under Sample Submission, enable the feature.
  5. Click Save.
Parent topic: Windows Policy Settings