Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise

251

252

253

254

255

256

257

258

259

260

Manage Policies

• All drives on the computer and their subfolders.

By default, the scanner scans all file types, regardless of extension.

On-Demand Protection - Quick Scan – Based on a schedule set in policy, the on-demand scanner runs

a quick check of areas of the computer that are most susceptible to threats. Default: Selected (Enabled).

By default, every time Quick Scan runs, it scans the following for threats:

• Memory of all running processes.

• Files that the Windows Registry references.

• Contents of the Windows folder.

• Contents of the Temp folder.

By default, the scanner scans all file types, regardless of extension.

Access Protection – Prevents other computers from making a connection and creating or altering

autorun (autorun.inf) files from CDs. The rule prevents spyware and adware distributed on CDs from

being executed and automatically blocks and reports such issues. Default: Selected (Enabled).

Exploit Protection – Monitors for application vulnerabilities and keeps buffer overflow exploits from

executing arbitrary code on the computer. Default: Selected (Enabled).

Script Scan Protection – Enables scanning JavaScript and VBScript scripts to prevent unwanted scripts

from executing. Default: Selected (Enabled).

Configurable Actions - After Threat is Detected

Actions taken if a threat, unwanted program, or exploit is detected are controlled by policy and include

the following:

Full-Scan Threat First Response - Specifies the first action for the scanner to take when a threat is

detected. Default: Clean file.

Full-Scan Threat First Response Fails - Specifies the action for the scanner to take when a threat is

detected if the first action fails. Default: Delete file.

Full-Scan Unwanted Program First Response - Specifies the first action for the scanner to take when a

potentially unwanted program is detected. Default: Clean file.

Full-Scan Unwanted Program First Response Fails - Specifies the action for the scanner to take when

an unwanted program is detected if the first action fails. Default: Delete file.

Quick-Scan Threat First Response - Specifies the first action for the scanner to take when a threat is

detected. Default: Clean file.

Quick-Scan Threat First Response Fails - Specifies the action for the scanner to take when a threat is

detected if the first action fails. Default: Delete file.

Quick-Scan Exploit First Response - Specifies the first action for the scanner to take when a potential

exploit is detected. Default: Clean file.

Quick-Scan Exploit First Response Fails - Specifies the action for the scanner to take when an exploit is

detected if the first action fails. Default: Delete file.

Reputation Service Sensitivity policies

When the Full-Scan Reputation Service Sensitivity or Quick-Scan Reputation Service Sensitivity policies

are enabled, samples are submitted to the Reputation Service lab to determine if they are malware. The

sensitivity level is used when determining if a detected sample is malware. The higher the sensitivity

244