Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureData Guardian

261

262

263

264

265

266

267

268

269

270

Manage Policies

254

• Contents of the Temp folder.

By default, the scanner scans all file types, regardless of extension.

Access Protection – Prevents other computers from making a connection and creating or altering

autorun (autorun.inf) files from CDs. The rule prevents spyware and adware distributed on CDs from

being executed and automatically blocks and reports such issues. Default: Selected (Enabled).

Exploit Protection – Monitors for application vulnerabilities and keeps buffer overflow exploits from

executing arbitrary code on the computer. Default: Selected (Enabled).

Script Scan Protection – Enables scanning JavaScript and VBScript scripts to prevent unwanted scripts

from executing. Default: Selected (Enabled).

Configurable Actions - After Threat is Detected

Actions taken if a threat, unwanted program, or exploit is detected are controlled by policy and include

the following:

Full-Scan Threat First Response - Specifies the first action for the scanner to take when a threat is

detected. Default: Clean file.

Full-Scan Threat First Response Fails - Specifies the action for the scanner to take when a threat is

detected if the first action fails. Default: Delete file.

Full-Scan Unwanted Program First Response - Specifies the first action for the scanner to take when a

potentially unwanted program is detected. Default: Clean file.

Full-Scan Unwanted Program First Response Fails - Specifies the action for the scanner to take when

an unwanted program is detected if the first action fails. Default: Delete file.

Quick-Scan Threat First Response - Specifies the first action for the scanner to take when a threat is

detected. Default: Clean file.

Quick-Scan Threat First Response Fails - Specifies the action for the scanner to take when a threat is

detected if the first action fails. Default: Delete file.

Quick-Scan Exploit First Response - Specifies the first action for the scanner to take when a potential

exploit is detected. Default: Clean file.

Quick-Scan Exploit First Response Fails - Specifies the action for the scanner to take when an exploit is

detected if the first action fails. Default: Delete file.

Reputation Service Sensitivity policies

When the Full-Scan Reputation Service Sensitivity or Quick-Scan Reputation Service Sensitivity policies

are enabled, samples are submitted to the Reputation Service lab to determine if they are malware. The

sensitivity level is used when determining if a detected sample is malware. The higher the sensitivity

level, the higher the number of malware detections. However, allowing more detections might result in

more false positive results.

The following values can be set:

Disable - Samples are not submitted to the Reputation Service lab.

Very Low - A detection is made available to Threat Protection when the Reputation Service lab

publishes it instead of waiting for the next file update. Average of 10-15 queries per day, per computer.

Low - This setting is the minimum recommendation for laptops or desktops and servers with a strong

security footprint. This setting results in an average of 10-15 queries per day, per computer.

Medium - Use this level when the regular risk of exposure to malware is greater than the risk of a false

positive. This setting is the minimum recommendation for laptops or desktops and servers. Average of

20-25 queries per day, per computer.