LANDeskAntivirus
features are accessed from the Security Configurations tool window
(Tools > Security > Security Configurations).
Antivirus lets you download and manage antivirus content (virus
definition files); configure antivirus scans; and customize
antivirus scanner display/interaction settings that determine how
the scanner appears and operates on target devices, and which
interactive options are available to end users. You can also view
antivirus-related information for scanned devices, enable antivirus
alerts, and generate antivirus reports.
The main section for LANDesk Antivirus introduces
this complementary security management tool, which is a component
of both LANDesk
Management Suite and LANDesk Security Suite.
In that section you'll find an overview, antivirus content
subscription information, as well as step-by-step instructions on
how to use Antivirus features.
This section contains the following online help that describes
the Antivirus dialogs. From the console interface, these help
sections are accessed by clicking the Help button on their
respective dialog box:
About the
LANDesk Antivirus page on the Download Updates dialog box
Use the LANDesk Antivirus page of the Download
Updates
dialog box to configure settings for downloading virus definition
file updates from LANDesk Security Suite
services. You can select to download Antivirus content (virus
definition/pattern files), specify when virus definition files are
available to distribute to managed devices (immediately or after a
pilot test period), and whether definition files are backed up.
You should be aware that the Updates page of the
Download updates
dialog box includes several Antivirus updates in the definition
type list, including one named LANDesk Antivirus Updates. When you
select this type, both the scanner detection content AND the virus
definition file updates are downloaded.
Antivirus updates are scanner definitions that detect:
Installation of common antivirus scanner engines
(including the LANDesk Antivirus agent)
Real-time scanning status (enabled or disabled)
Scanner-specific pattern file versions (up to date or
old)
Last scan date (whether the last scan is within the
maximum allowable time period specified by the administrator)
NOTE:Antivirus
scanner detection content versus virus definition content
Antivirus updates does not imply actual virus definition (or
pattern) files. When you download third-party antivirus updates,
only scanner detection content is downloaded to the default
repository, but scanner-specific virus definition files are not
downloaded. However, when you download LANDesk Antivirus updates,
both the scanner detection content AND the LANDesk
Antivirus-specific virus definition files are downloaded. LANDesk
Antivirus virus definition files are downloaded to a separate
location on the core server. The default virus definition file
repository is the \LDLogon\Antivirus\Bases folder.
You must have the proper LANDesk Security Suite
content subscription in order to download each type of security
content.
A basic LANDesk
Management Suite installation allows you to download and
scan for LANDesk software updates, and to create and use your own
custom definitions. For all other security content types, such as
platform-specific vulnerabilities, spyware, and including virus
definition (pattern) files, you MUST have a LANDesk Security Suite
content subscription in order to download the corresponding
definitions. For information about Security Suite content
subscriptions, contact your reseller, or visit the LANDesk Web site.
After you specify the types of content you want to download and
the other options on the Download updates dialog box:
To perform an immediate download, click Update
Now. If you click Apply, the settings you specify will
be saved and will appear the next time you open this dialog box. If
you click Close, you'll be prompted whether you want to save
the settings.
To schedule a download security content task, click
Schedule update to open the Scheduled update
information
dialog box, enter a name for the task, verify the information for
the task, and then click OK to add the task to Scheduled
tasks.
NOTE:Task-specific settings and global settings
Note that only the definition types, languages, and definition and
patch download settings are saved and associated with a specific
task when you create it. Those three settings are considered task
specific. However, all of the settings on the other pages of the
Download updates
dialog box are global, meaning they apply to all subsequent
security content download tasks. Global settings include: patch
download location, proxy server, spyware autofix, security alerts,
and antivirus. Any time you change a global settings it is
effective for all security content download tasks from that point
on.
To save your changes on any page of this dialog box at anytime,
click Apply.
The LANDesk Antivirus page contains the following
options:
Virus definitions approved for distribution:
Displays the date and version number of the most recently approved
virus definition files that are now available to distribute to your
managed devices. Approved virus definition files are located in the
default folder (\LDLogon\Antivirus\Bases) from which they are
deployed to target devices as part of on-demand and scheduled
antivirus scans. The exact time of the virus definition file update
(downloaded from the LANDesk security content site, which has the
very latest known pattern files) is noted in parentheses below this
field.
Virus definitions currently in pilot testing:
Displays the date and version number of the virus definition files
currently residing in your pilot folder, if you've downloaded virus
definitions to that location. Pilot testing helps you verify the
validity and usefulness of a virus definition file before using it
to scan your managed devices for viruses. Virus definitions that
have been downloaded to the pilot test folder can be deployed to
designated "test" target devices.
Virus definition updates:
Immediately approve (make available to all
computers): Downloads virus definitions directly to the default
folder (\LDLogon\Antivirus\Bases). Virus definitions downloaded to
the default folder are approved and can be deployed to target
devices for antivirus scanning.
Restrict them to a pilot test first: Download
virus definition files to the pilot folder for testing purposes.
Virus definitions in the pilot folder can be deployed to designated
test machines before being deployed to your managed devices.
Automatically approve pilot definitions after test
period expires (during next update): Automatically moves
downloaded virus definition files from the pilot folder to the
default virus definition folder when the next virus definition
update after the time period specified below occurs. This option is
available only if you're restricting virus definition file updates
to a pilot test, and lets you automate the approval of definition
files. If you don't enable this option, virus definition files in
the pilot folder must be approved manually with the Approve
now button.
Minimum test period: If you've enabled
automatic approval of virus definitions in the pilot folder, this
value specifies the duration of the test period. Be aware that
during this period scheduled virus definition file update tasks are
not processed.
Show reminder dialog box if definitions are out of
date: Displays a message on the core server console when virus
definition files have not been updated in the past seven (7)
days.
Download virus definition files for LANDesk
Antivirus 8: Ensures virus definition files that were part of
version 8 of LANDesk Antivirus are included in the download.
Get latest definitions: Starts an immediate
virus definition file download process. The Updating
Definitions
dialog box shows download progress.
Approve now: Lets you move virus definition
files from the pilot folder to the default virus definition folder
so that they can be deployed to target devices for antivirus
scanning.
Virus definition backups:
Make backups of previous definitions: Saves
downloads of earlier virus definition files. This can be helpful if
you need to go back to an older definition file to scan and clean
infected files, or to restore a virus definition file that resolved
a particular problem. (Virus definition file backups are saved in
separate folders named by the date and time they were created,
under: \LDLogon\Antivirus\Backups\)
Number of backups to keep: Specifies the
number of virus definition file downloads to save.
History: Lists all of the available virus definition
file backups.
Restore: Moves the selected virus definition
file backup to the antivirus default folder so that they can be
distributed to target devices.
Delete: Removes the selected virus definition
file backup permanently from the core server.
Download now: Immediately downloads the
selected security content types. The Updating Definitions
dialog shows progress and status of the download.
Schedule download: Opens the Scheduled
download information
dialog box, where you can type a unique name for this download
task, verify the download settings, and click OK to save the task
in the Scheduled task tool. (Note that only the definition types,
languages, and definition and patch download settings are saved and
associated when you create a particular task. Download settings on
the other pages of this dialog box, such as patch download
location, proxy settings, and alerting settings, are global,
meaning they apply to all the security content download tasks.
However, you can change those settings at any time and they will be
effective for all security content download tasks from that point
on.)
View log: Lets you select the location and
level of detail in a log file containing virus definition file
download information.
Apply: Saves your selected download settings
so that they are applied to the Download updates
dialog box and appear the next time you open the dialog box.
Close: Closes the dialog box without saving
your latest settings changes.
For a description of the options on the other pages of the
Download updates
dialog box, see About the Download Updates dialog
box in the Patch and Compliance help section.
Antivirus tasks help
About the Create LANDesk
Antivirus task dialog box
Use this dialog box to create a task that updates virus
definition files, configures antivirus scans on target devices
(with antivirus settings), or both. Antivirus settings determine
scanner behavior, scanned objects, and end user options.
NOTE:On-demand
antivirus scans
You can also run an on-demand antivirus scan on a device via the
device's shortcut menu.
This dialog box contains the following options:
Task name: Identifies the antivirus scan task
with a unique name.
Actions to perform: Specifies what the task is
going to do. You can select one or both of the actions.
Update virus definitions: Specifies the task
will update the virus definition files based on the settings on the
antivirus page of the Download updates dialog box.
Start antivirus scan: Specifies the task will
run an antivirus scan on target devices.
Create a scheduled task: Adds the scan task to
the Scheduled tasks window, where you can configure its scheduling
and recurrence options, and assign target devices.
Automatically target all LANDesk Antivirus
machines: Adds managed devices that have been configured with
the LANDesk Antivirus agent to the task's target devices list.
Start now: Runs the antivirus scan on devices
with the LANDesk Antivirus agent, adding it to the Scheduled tasks
tool, as soon as you and click OK.
Update virus definitions (including pilot) on
core: Automatically updates virus pattern files before the scan
is launched, including virus definition files that currently reside
in the pilot folder. (Note: The Update virus definitions option
above much be selected in order to use this option.)
Create a policy: Adds the antivirus scan task
as a policy to the Scheduled tasks window, where you can configure
the policy's options.
LANDesk Antivirus settings: Specifies
antivirus settings used for the scan task. Antivirus settings
determine whether the LANDesk Antivirus icon appears in the device
system tray, availability of interactive options to end users,
e-mail scan and real-time protection enabling, file types to scan,
files and folders to exclude, infected file quarantine and backup,
scheduled antivirus scans, and scheduled virus definition file
updates. Select one of the settings from the drop-down list. Click
Edit to modify the options for the selected settings. Click
Configure to create a new settings.
Virus definition files: Displays information
about the currently downloaded definition files. Click Download
updates to go to the LANDesk Antivirus page of the Download
updates dialog box to configure and schedule a virus definition
file download.
About the LANDesk Antivirus
scan now task dialog box
Use this dialog box to run an immediate on-demand antivirus scan
on one or more target devices.
Right-click the selected device (or up to 20
multi-selected devices), and then click LANDesk Antivirus scan
now.
Select an antivirus settings.
Specify whether to update virus definition files
before scanning. (Note: This option automatically updates virus
pattern files before the scan is launched, including virus
definition files that currently reside in the pilot folder.)
Click OK.
Antivirus settings help
About the LANDesk Antivirus
settings dialog box
Use this dialog box to create and edit an antivirus settings.
Antivirus settings determine whether the LANDesk Antivirus icon
appears in the device system tray, availability of interactive
options to end users, e-mail scan and real-time protection
enabling, file types to scan, files and folders to exclude,
infected file quarantine and backup, scheduled antivirus scans, and
scheduled virus definition file updates.
If you want to modify a device's default antivirus settings
without redeploying an antivirus scan task, make your desired
change to any of the settings on the various pages of the Antivirus
settings dialog box, assign the new settings to a change settings
task, and then deploy the change settings task to target
devices.
Once configured, you can apply antivirus settings to antivirus
scan tasks and to change settings tasks.
Use this page to configure the basic antivirus scanner settings
on target devices.
This page contains the following options:
Name: Identifies
the antivirus settings with a unique name. This name appears in the
settings drop-down list on an antivirus scan task dialog box.
Show LANDesk
Antivirus icon in system tray: Makes the LANDesk Antivirus icon
appear in the device system tray. The icon's appearance depends on
the status of antivirus protection, indicating whether real-time
protection is enabled. If the arrow icon is yellow, real-time
protection is enabled meaning the device is continuously being
monitored for viruses. If the icon is gray, real-time protection is
not enabled.
NOTE: End users can double-click the icon to open the
LANDesk Antivirus client and perform tasks. They can also
right-click the icon to access the shortcut menu and select to run
a scan and update antivirus files.
Enable e-mail scanning: Enables real-time
e-mail scanning on target devices. Real-time e-mail scanning
continuously monitors incoming and outgoing messages (supported
applications include: Microsoft Outlook), checking for viruses in
both the body of the message and any attached files and messages.
Any detected viruses are removed.
Enable right-click scanning: Provides an
option on the LANDesk Antivirus client that allows end users to
select a file, group of files, folder, or group of folders, and
right click the selection to perform an antivirus scan.
Scan for risky software in addition to viruses
(extended database): Provides an option on the LANDesk
Antivirus client that allows end users to scan for riskware (i.e.,
FTP, IRC, remote control utilities, etc.) using an extended
database that is loaded on the managed device.
Allow user to add files and folders to Trusted
Items list: Provides an option on the LANDesk Antivirus client
that lets users identify files and folders they don't want scanned
for viruses. Files and folders in this list are ignored by an
antivirus scan. Users should be made aware that they should move
only safe files to their trusted items list.
CPU utilization when scanning: Lets you
control CPU usage on target machines when LANDesk Antivirus runs an
antivirus scan.
Owner: Lets you specify an owner for the
antivirus settings in order to prevent unauthorized modification.
Only the owner and users with the Administrator right can access
and modify the settings. Other users can only view the settings.
The public user option allows universal access to the
settings.
Set as default: Establishes this antivirus
settings (including the option settings on all of the Antivirus
settings dialog box's tabs) as the default on target devices.
Unless an antivirus scan task has a specific antivirus settings
associated with it, the default settings are used during scan and
definition file update tasks.
Restore defaults: Restores the predefined
default settings for all of the antivirus options on the dialog
box's tabs.
About the
Antivirus: Real-time protection page
Use this page to enable and configure real-time file protection,
which files to protect and what to exclude, and end user
notification.
Real-time protection is an ongoing (background) scan of
specified files, folders, and file types by extension. When
real-time protection is running, files are scanned for viruses
every time they are opened, closed, accessed, copied, or saved.
When real-time protection is enabled, the LANDesk Antivirus
system tray icon is yellow. The icon is gray when real-time
protection is turned off.
This page contains the following options:
Enable real-time file
protection: Turns on real-time file protection on target
devices. Real-time file protection runs in the background and scans
for known viruses according to the downloaded virus definition
files
Show real-time messages on client: Displays
messages on target devices to notify users of certain LANDesk
Antivirus activities. End users are notified when an infected file
is detected, quarantined, deleted, skipped, or cleaned. Message
dialog boxes show the path, file name, virus name, and a note
telling the end user to contact their network administrator.
Allow user to disable real-time scanning for up
to: Provides an option on the LANDesk Antivirus client that
allows the end user to turn off real-time file protection for a
specified period of time. You should keep the amount of time to a
minimum so that users can't disable real-time protection long
term.
Exclude network paths: Limits real-time file
scanning to local drives, and does not include mapped network
drives.
Scan all file types: Specifies that files of
all types on the target device are scanned by an antivirus scan.
This may take a long time so it is a good idea to scan all file
types with an on-demand scan rather than real-time protection.
Scan infectable files only: Specifies that
infectable files only are scanned. Infectable files are those types
of files known to be vulnerable to virus infections. Scanning only
infectable files is more efficient than scanning all files because
some viruses affect only certain file types. However, you should
make a habit of regularly scanning all the files with an on-demand
scan in order to ensure devices are clean.
NOTE: Infectable file types are identified by their format
identifier in the file header rather than by their file extension,
ensuring that renamed files are scanned. Infectable files include:
document files such as Word and Excel files; template files that
are associated with document files; and program files such as
Dynamic Link Libraries (.DLLs), communication files (.COM),
Executable files (.EXEs), and other program files. See below for a
complete list of infectable file types.
Use heuristics to scan for suspicious files:
Utilizes the scanner's heuristic analysis capability when scanning
target devices. Heuristic scanning attempts to detect files
suspected of being infected by a virus by looking for suspicious
behavior such as a program that: modifies itself, immediately tries
to find other executables, or is modified after terminating. Using
heuristic scanning may negatively affect performance on managed
devices.
Exclude the following files and folders:
Add: Opens the Add excluded path
dialog box where you can create new exclusions to specify the
files, folders, or file types (by extension) you want to exclude
from an antivirus scan associated with this settings.
Edit: Opens the selected exclusion so you can
modify a file path, file name, file extension, and variables.
Delete: Removes the selected exclusion from
the antivirus settings.
About the Add excluded
path dialog box
Use this dialog box (accessed from the Real-time protection
dialog box) to add exclusions that specify objects that aren't
scanned for viruses by either an antivirus scan or real-time
protection. Antivirus scan tasks (and change settings tasks)
associated with this antivirus settings will use these
exclusions.
You can exclude specific files, entire folders, and file types
by their extensions.
This dialog box contains the following options:
Type: Indicates the type of object you want
excluded from antivirus scanning. Select a type and then enter its
precise attributes in the Object field.
Object: Type the full file path and name of
(or browse to and select) the file or folder you want to exclude.
If you selected the file extension type, type the extension's
characters in the Object field.
Insert variable: Allows you to use system
environment variables to identify the path to a folder or an object
that you would like to exclude from the antivirus scan or
protection scope.
About the Antivirus:
Virus scan page
Use this page to specify which files to scan for viruses, what
to exclude from the scan, and whether to use heuristics to scan for
suspicious files.
This page contains the following options:
Scan all file types: Specifies that files of
all types on the target device are scanned by an antivirus scan.
This may take a long time so it is a good idea to scan all file
types with an on-demand scan rather than real-time protection.
Scan infectable files only: Specifies that
infectable files only are scanned. Infectable files are those types
of files known to be vulnerable to virus infections. Scanning only
infectable files is more efficient than scanning all files because
some viruses affect only certain file types. However, you should
make a habit of regularly scanning all the files with an on-demand
scan in order to ensure devices are clean. See below for a complete
list of infectable file types.
Use heuristics to scan for suspicious files:
Utilizes the scanner's heuristic analysis capability when scanning
target devices. Heuristic scanning attempts to detect files
suspected of being infected by a virus by looking for suspicious
behavior, such as: a program that is self-modifying, immediately
tries to find other executables, or appears changed upon
termination. Using heuristic scanning may negatively affect
performance on managed devices.
Exclude the following files and folders
Add: Opens the Add excluded path
dialog box where you can create new exclusions to specify the
files, folders, or file types (by extension) you want to exclude
from an antivirus scan associated with this settings.
Edit: Opens the selected exclusion so you can
modify a file path, file name, file extension, and variables.
Delete: Removes the selected exclusion from
the antivirus settings.
Clean up registry: Specifies the registry is
included in the antivirus scan.
NOTE:System
restore point scanning
LANDesk Antivirus will scan the files in any system restore point
folders that may exist on the managed device.
Infectable file types
Infectable file types are identified by their format identifier
in the file header rather than by their file extension, ensuring
that renamed files are scanned.
Infectable files include: document files such as Word and Excel
files; template files that are associated with document files; and
program files such as Dynamic Link Libraries (.DLLs), communication
files (.COM), Executable files (.EXEs), and other program files.
See below for a list of infectable file types by the file format's
standard or original file extension.
ACM
ACV
ADT
AX
BAT
BIN
BTM
CLA
COM
CPL
CSC
CSH
DLL
DOC
DOT
DRV
EXE
HLP
HTA
HTM
HTML
HTT
INF
INI
JS
JSE
JTD
MDB
MSO
OBD
OBT
OCX
PIF
PL
PM
POT
PPS
PPT
RTF
SCR
SH
SHB
SHS
SMM
SYS
VBE
VBS
VSD
VSS
VST
VXD
WSF
WSH
About the
Antivirus: Scheduled scan page
Use this page to enable and configure a recurring scheduled
antivirus scan on target devices.
NOTE:LANDesk
Antivirus scan types
You can scan your managed devices for viruses with scheduled scans,
on-demand scans, as well as real-time file and e-mail protection.
End users can also perform on-demand scans of their own
computer.
This page contains the following options:
Have LANDesk Antivirus scan devices for viruses at
a scheduled time: Enables a recurring scheduled antivirus scan
that runs on target devices according to the start time, frequency,
time restriction, and bandwidth requirement you specify.
Allow user to schedule scans: Lets the end
user create a local scheduled antivirus scan on their own
machine.
About the Schedule periodic
antivirus scans dialog box
If you want this antivirus settings to include a recurring
antivirus scan, use this dialog box to specify start time,
frequency, time restriction, and bandwidth requirement settings.
Antivirus scan tasks (and change settings tasks) associated with
this settings will use the rules defined here.
All criteria in this dialog box that you configure must be met
before the task will execute. For example, if you configure a
schedule that repeats every day between 8 and 9 o'clock with a
Machine state of Desktop must be locked, the task
will only execute if it's between 8 and 9 o'clock AND the machine
is locked.
This dialog box contains the following options:
Start: Click this option to display a calendar
where you can select the day you want the task to start. Once you
pick a day, you can also enter a time of day. These options default
to the current date and time.
Repeat after: Schedules the scan to recur
periodically. Select the number of minutes, hours, and days to
control how often the task repeats.
Time range: If you want the task to run
between certain hours, select the start and end hours. The hours
are in 24-hour (military) time format.
Weekly between: If you want the task to run
between certain days of the week, select the start and end
days.
Monthly between: If you want the task to run
between certain dates of the month, set the start and end
dates.
Minimum bandwidth: When configuring local
scheduler commands, you can specify the minimum bandwidth criteria
necessary for the task to execute. The bandwidth test consists of
network traffic to the device you specify. When the time comes for
the task to execute, each device running the local scheduler task
will send a small amount of ICMP network traffic to the device you
specify and evaluate the transfer performance. If the test target
device isn't available, the task won't execute. You can select
these minimum bandwidth options:
RAS: The task executes if the device's network
connection to the target device is at least RAS or dialup speed, as
detected through the networking API. Selecting this option
generally means the task will always run if the device has a
network connection of any sort.
WAN: The task executes if the device's
connection to the target device is at least WAN speed. WAN speed is
defined as a non-RAS connection that's slower than the LAN
threshold.
LAN: The task executes when the device's
connection to the target device exceeds the LAN speed settings. LAN
speed is defined as anything greater than 262,144 bps by default.
You can set the LAN threshold in agent configuration (Tools >
Configuration > Agent Configuration > Bandwidth Detection
page). Changes won't take effect until you deploy the updated
configuration to devices.
To computer name: Identifies the computer that
is used to test the device bandwidth. The test transmission is
between a target device and this computer.
Machine state: If you want the task execution
criteria to include a machine state, select one from the drop-down
list.
Additional random delay once all other filters
pass: If you want an additional random delay, use this option.
If you select a random delay that extends beyond the time limits
you configured for the task, the task may not run if the random
value puts the task outside the configured time limits.
Delay up to: Select additional random delay
you want.
And at least: If you want the task to wait at
least a certain number of minutes before executing, select this
option. For example, if you're scheduling an inventory scan, you
could enter a five here so a computer has time to finish booting
before the scan starts, improving the computer's responsiveness for
the user.
About the
Antivirus: Virus definition updates page
Use this page to configure virus definition (pattern) file
updates scheduling, user download options, and access options, for
target devices with this antivirus settings.
This page contains the following options:
Download pilot version of virus definition
files: Download virus definition files from the pilot test
folder instead of from the default
repository(\LDLogon\Antivirus\Bases) on the core server. Virus
definitions in the pilot folder can be downloaded by a restricted
set of users for the purpose of testing the virus definitions
before deploying them to the entire network. When you create an
antivirus scan task, you can also select to download the latest
virus definitions updates, including those residing in the pilot
test folder, then associate an antivirus settings with this option
enabled to ensure that the test machines receive the latest known
virus definition files. If this option is selected, virus
definition files in the default folder (\LDLogon\Antivirus\Bases)
are not downloaded.
Users may download virus definition updates:
Provides end users on target devices the option of downloading
virus definition files by themselves. This option displays on the
LANDesk Antivirus client and can be accessed from that dialog box
as well as by right-clicking the LANDesk Antivirus system tray
icon.
NOTE: When an end user downloads virus definition files, the
device attempts to connect to servers in the following order: 1)
preferred server (if one is configured); 2) core server; 3)
LANDesk security
content subscription website.
Schedule virus definition updates: Enables a
recurring scheduled virus definition file update that runs on
target devices according to the start time, frequency, time
restriction, and bandwidth requirement you specify.
Change settings: Opens the Schedule dialog box
where you can specify the scheduling options.
Download from: Specifies the source site from
which virus definition files are downloaded. Depending on which
option you select from the drop-down list here, one or both of the
download source site options (core server and Internet security
content server) described below are enabled and can be
configured.
Core download options: Lets you configure core
server settings if you've selected one of the download source site
options above that includes the core.
Download updates as a single file if changed file
count is greater than: Specifies the maximum number of new or
updated individual virus definition files that are downloaded
separately before they are downloaded as a single compressed
file.
Disable peer download: Prevents virus
definition file downloads via peer download (the local cache or a
peer in the same multicast domain).
Disable preferred server: Prevents virus
definition file downloads via a preferred server. For more
information about preferred servers, see Software
distribution.
Internet download options: Lets you configure
security content server settings if you've selected one of the
download source site options above that includes the Internet.
Source site: Specifies the security content
server that is accessed to download the latest definitions to your
database. Select the server nearest your location.
Fall back to alternate source site on failure:
Automatically attempts to download updates from another security
content server, where the antivirus signatures reside, if the
specified source site is unable to transmit files.
About the
Schedule periodic antivirus updates dialog box
If you want this antivirus settings to include a recurring virus
definition update, use this dialog box to specify start time,
frequency, time restriction, and bandwidth requirement settings.
Antivirus scan tasks (and change settings tasks) associated with
this settings will use the rules defined here.
Use this page to configure the size of the quarantine/backup
folder, and the object restore options you want to make available
to end users.
This page contains the following options:
Limit size of quarantine/backup folder: Allows
you to specify the maximum size of the shared quarantine\backup
folder on target devices. This folder is a safe, isolated storage
area on devices that have LANDesk Antivirus. By default, the
quarantine storage size is 50 MB and quarantined objects are stored
for 90 days. Objects in the quarantine\backup folder can be
rescanned, deleted, or restored.
NOTE: Quarantined files are automatically rescanned with the
latest virus definitions whenever an on-demand scan is run or
whenever the antivirus pattern files are updated on the device, in
order to find out if any infected objects can be cleaned. If a
quarantined file can be cleaned, it is automatically restored and
the user is notified.
NOTE: When a virus infection is discovered, the infected
file is first backed up (with a *.bak extension in the
\LDClient\Antivirus\ folder) and then cleaned. If it can't be
disinfected the original file it is moved to the quarantine folder
(with a *.qar extension in \LDClient\Antivirus folder). Then the
virus string is removed and the file is encrypted so it can't be
accessed or executed.
Maximum size: Specifies the maximum size of
the shared quarantine/backup folder on devices with the LANDesk
Antivirus agent.
Restoring objects: Specifies end user rights
for restoring objects that have been quarantined.
Allow user to restore suspicious objects:
Provides end users the option of restoring suspicious objects
detected by an antivirus scan or by real-time protection.
Suspicious objects are those which contain code that is either
modified or reminiscent to that of a known virus. Suspicious
objects are automatically quarantined. If this option is selected,
end users can move the original file from the quarantine folder to
a specified destination folder or to its original location, where
it was stored before quarantining, disinfection, or deleting. Note
that If real-time protection is running, the restored file is
scanned and if it's still infected it's put back in the
quarantine.
Allow user to restore
infected objects and risky software: Provides end users the
option of restoring infected objects detected by an antivirus scan
or by real-time protection. Infected objects are those containing
harmful code which is detected by a known viruses definition
(pattern or signature) file. Infected objects can further damage
managed devices. Risky software is essentially client software that
has the possibility of being risky for the end user. For example:
FTP, IRC, MIrc, RAdmin, or remote control utility software. (In the
case of a false-positive scan result, the end user may feel
confident and comfortable enough to restore the file. This option
lets users restore files to network shares. If they restore an
infected file to the original location, the next antivirus scan
will detect the same virus, even if it's false-positive, and simply
put the file back in quarantine.)
User must enter password to restore objects:
Requires users to enter the specified password before they can
restore suspicious or infected objects, or risky software. The user
is prompted to enter the password when they attempt to restore the
object from the quarantine/backup folder. If you enable this option
to password protect quarantined objects, you must share this
password with the users you want to be able to restore those
objects.
Password: Enter the password needed for users
to restore quarantined objects.
Deleting files: Specifies whether files are
automatically deleted.
Automatically delete quarantine files:
Indicates all quarantined files older than the specified period
will be automatically deleted.
Automatically delete backup files: Indicates
all backed up files older than the specified period will be
automatically deleted.