Configuring process settings

On-access scan processes are configured based on the risk that you assign to each process. You can configure one default scanning policy for all processes or configure different policies based on the risk assigned to each process. Parameters include assigning risk to processes, defining items to scan, performing heuristic scanning, scanning compressed files, taking actions on detections, and scanning for potentially unwanted programs.

To access the Default Processes, Low-Risk Processes, or High-Risk Processes properties:
  • From the ePolicy Orchestrator console, go to Systems | Policy Catalog and select VirusScan Enterprise 8.7.0 in the Product list and On-Access Default Processes Policies, On-Access Low-Risk Processes Policies, or On-Access High-Risk Processes Policies in the Category list.

  • From the VirusScan Console, open the On-Access Scanner properties, then select Default Processes, Low-Risk Processes, or High-Risk Processes in the left pane.

Configure the options on each tab. For option descriptions, click ? or Help on each tab.

Tab descriptions

Tab Description
Processes
  • On-Access Default Processes — Choose to configure one scanning policy for all processes or configure different scanning policies for default processes, low-risk processes, and/or high-risk processes.
    Note: If you choose to configure one scanning policy, this policy applies to all processes. If you choose to configure different scanning policies for low-risk and/or high risk policies, this policy applies only to the processes that are not defined as low-risk or high-risk.
  • On-Access Low-Risk Processes — Specify the processes that you define as low-risk.
  • On-Access High-Risk Processes — Specify the processes that you define as high-risk.
Note: The Configure different scanning policies for high-risk, low-risk, and default processes option must be selected on the On-Access Default Processes tab before you can configure individual policies for low-risk and/or high-risk processes.
Scan Items
  • Configure whether to scan files on read, on write, on network drives and/or opened for backup.
  • Configure which files and file types to scan.
  • Scan for potential threats that resemble unwanted programs, Trojan horses and macro viruses.
  • Scan inside archives and decode MIME encoded files.
  • Enable on-access scanning for unwanted programs.
Exclusions Configure which disks, files, and folders to exclude from scanning.
Actions
For threat detections:
  • Primary action to take when a threat is detected.
  • Secondary action to take on a threat detection if the first action fails.
For unwanted program detections:
  • Primary action to take when an unwanted program is detected.
  • Secondary action to take on an unwanted program detection if the first action fails.