Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Pro

211

212

213

214

215

216

217

218

219

220

Manage Policies

202

Background Threat

Detection

Run Once

Disabled

Run Recurring

Run Once

If set to Run Recurring or Run Once, a full-disk scan is run to

detect and analyze any dormant threats on the disk.

An update to the Threat Model triggers a full-disk scan.

Watch for New

Files

Selected

Not Selected

If selected, any new or modified files are detected and

analyzed for dormant threats.

Dell recommends enabling this policy. However, If Auto

Quarantine is enabled for all Unsafe or Abnormal files, all

malicious files will be blocked at execution. Therefore, it is

not necessary to enable this policy with Auto Quarantine

mode unless you prefer to quarantine a file as it is added to a

disk but before execution.

Set Maximum

Archive File Size

to Scan

150 MB

The default setting is 150 MB.

Specify the maximum size of archive (compressed) files,

including .jar files to be scanned. Because scanning

compressed files can negatively affect computer

performance, Dell recommends Quick-Scan - Scan Archives

and Full-Scan - Scan Archives to be run during off-work hours.

Protection Settings

Enable Exclude

Specific Folders

(includes

subfolders)

Selected

Not Selected

Allow specific folders to be excluded from Auto Quarantine

and Auto Upload. This policy must be Selected to use the

Exclude Specific Folders policy.

Exclude Specific

Folders (includes

subfolders)

String

Folders specified in this policy are excluded from actions

performed based on Background Threat Detection and Watch

for New Files, when these policies are enabled. This exclusion

extends to subfolders of folders that are specified in this

policy.

All exclusions must be specified using the Absolute path of

that executable file.

Windows requires an absolute path (requires a drive letter)

Mac requires an absolute path (macOS does not use a drive

letter)

Correct (Windows): C:\Program Files\Dell\

Correct (Mac): /Mac\ HD/Users/Application\ Support/Dell

Incorrect: C:\Program Files\Dell\Executable.exe

Incorrect: \Program Files\Dell\

Escape any spaces in the path.

Application Control

Application

Control

Not Selected

Selected

Not Selected

If Selected, specified d

evices are locked down, restricting any

changes. Only applications that exist on a device before the

lock-down are allowed to execute on that device. Any new

applications, as well as changes to the executables of existing

applications, are denied. The Advanced Threat Prevention

agent updater is also disabled.

Additionally, certain File Action, Memory Action, and

Execution Control policies are automatically set. These

policies may be changed after they are automatically set,

without disabling Application Control. See

Policies Set by

Application Control

for a list of policies that are automatically

set when the Application Control policy is Selected.

To exclude specific folders from lockdown, specify the folders