By default, Microsoft Forefront Protection 2010 for SharePoint (FPSP) uses the same set of scan engines for each antivirus scan job type (realtime, scheduled, and on-demand). For maximum performance, it is recommended that you retain the default settings, so that all available engines are used. However, if you so choose, you can manually disable one or more antivirus scan engines for each scan job. You can configure each scan job type separately; the engine settings are not global.

For more information about individual scan engines, visit each engine vendor's Web site. Links are provided at Microsoft Help and Support.

Note:
For antispyware scanning, you must use the Microsoft Antimalware Engine. It is enabled by default and cannot be disabled.
To manually select the engines used for each scan job
  1. In the Forefront Protection 2010 for SharePoint Administrator Console, click Policy Management, and under Global Settings, click Advanced Options.

  2. In the Global Settings - Advanced Options pane, under the Intelligent Engine Management section, using the Engine management drop-down list, select Manual.

  3. In the Engine selection section, you can enable or disable specific engines for each scan job type. Select the engine and type of scan you want to change, and then select Enabled (the default) or Disabled. Repeat this step to change additional engines, and then click Save.

Note:
For information about changing the schedule of engine updates, see Configuring engine and definition updates.

Configuring engine error action

You can set the action that FPSP should take if a scan engine error occurs. Examples of engine errors include: an engine exception, excessive read/write operations, a virus found without a virus name, multiple engine errors, and any other failure code returned by an engine.

To configure the engine error action
  1. In the FPSP Administrator Console, click Policy Management, and in Global Settings, click Advanced Options.

  2. In the Global Settings - Advanced Options pane, in the Scanning options section, configure the Engine error action, by selecting one of the following possible values:

    1. Ignore—Logs the error to the program log.

    2. Skip detect—Logs the error to the program log and displays an EngineError entry with a state of Detected in the user interface.

    3. Delete—Logs the error to the program log, deletes the file that caused the error, and displays an EngineError entry with a state of Removed in the user interface. The file that caused the engine error is always quarantined. Delete is the default value.

  3. Click Save.

Related Topics

[an error occurred while processing this directive]