By default, Forefront Protection 2010 for Exchange Server (FPE) uses the same set of scan engines for each antivirus scan job type (realtime, transport, scheduled, and on-demand). For maximum performance, it is recommended that you retain the default settings, so that all available engines are used. However, if you so choose, you can manually disable one or more antivirus scan engines for each scan job. You can configure each scan job type separately; the engine settings are not global.

For more information about individual scan engines, visit each engine vendor's Web site. Links are provided at Microsoft Help and Support.

Note:
For antispyware scanning, you must use the Microsoft Antimalware Engine. It is enabled by default and cannot be disabled.
To manually select the engines used for each scan job
  1. In the Forefront Protection 2010 for Exchange Server Administrator Console, click Policy Management, and under Global Settings, click Advanced Options.

  2. In the Global Settings - Advanced Options pane, under the Intelligent Engine Management section, using the Engine management drop-down list, select Manual.

  3. In the Engine selection section, you can enable or disable specific engines for each scan job type. Select the engine and type of scan you want to change, and then select Enabled (the default) or Disabled. Repeat this step to change additional engines, and then click Save.

Note:
For information about changing the schedule of engine updates, see Configuring engine and definition updates.

Configuring the engine error action

You can set the action that FPE should take if a scan engine error occurs. Examples include an engine exception, excessive read/write operations, a virus found without a virus name, multiple engine errors, and any other failure code returned by an engine.

To configure the engine error action
  1. In the Forefront Protection 2010 for Exchange Server Administrator Console, click Policy Management, and under Global Settings, click Advanced Options.

  2. In the Global Settings - Advanced Options pane, under the Scans section, configure the Engine error action by selecting one of the following possible values:

    1. Ignore—Logs the error to the program log.

    2. Skip detect—Logs the error to the program log and displays an EngineError entry with a state of Detected in the user interface.

    3. Delete—Logs the error to the program log, deletes the file that caused the error, and displays an EngineError entry with a state of Removed in the user interface. The file that caused the engine error is always quarantined. Delete is the default value.

  3. Click Save.

Related Topics