McAfee QUICKCLEAN 3.0 Guide de l'utilisateur télécharger pdf (Page 21)

In the Scan Settings tab, configure these settings to control which files are scanned.

Increasing the Cache scan result of file size up to (MB) might negatively impact performance. The complete

file must transfer to the SVA to create an accurate hash of the file's contents.

• Scan Time — Green symbolizes a time slot where a scan might start; white symbolizes when a

scan might not start. Each grid cell can be toggled available (green) or unavailable (white) by

clicking the cell, column header, or row header.

In the Quarantine settings tab, configure the network share, so that all detected malware are

quarantined to the specified network share.

However, the malware that is detected on any virtual machine is quarantined only when you have

enabled the Quarantine configuration option under Scan policy.

Create a scan policy

Create a Scan policy to change behavior on managed systems.

Task

For option definitions, click ? in the interface.

From the ePolicy Orchestrator console, select Menu | Policy | Policy Catalog.

From the Product drop‑down list, select MOVE AV Agentless 3.0.0.

From the Category drop‑down list, select Scan.

Click New Policy.

On the New Policy page, configure the policy settings, then click OK.

In the General tab of the Policy Settings page for the newly‑created policy, configure the settings to

control basic behavior.

In the Scan Items tab, configure the settings to control which files are scanned.

McAfee Global Threat Intelligence file reputation — Configure the sensitivity level (between Very Low and Very

High) when determining if a detected sample is malware. By increasing the sensitivity level, you

might also get more false positive results.

In the Exclusions tab, configure the Path Exclusions by adding, editing, or removing a specific file path.

Wildcards are supported, however, environment variables aren't supported.

In the Actions tab, configure When a threat is found behavior. You must select a first action and a

secondary action.

For the first action, available options are Delete files automatically and Deny access to files. The only current

secondary action option is Deny access to files.

In the Quarantine tab, enable the Quarantine configuration option, so that the malware that is detected on

any virtual machine is quarantined.

Before enabling, make sure that you have provided correct quarantine details in the SVA policy. For

details, see Create an SVA policy.

Pas de commentaire

McAfee QUICKCLEAN 3.0 Guide de l'utilisateur Page 21