Configuring TruScan proactive threat scan settings for legacy clients

Article:HOWTO55255  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO55255
Article Type
How To


Subject


Configuring TruScan proactive threat scan settings for legacy clients

Legacy clients cannot use SONAR settings. Instead, legacy clients use TruScan to detect unknown threats.

See Managing SONAR

By default, TruScan proactive threat scans detect Trojan horses, worms, and keyloggers. Also by default the detection response and sensitivity is determined by Symantec. For example, a detected process can be quarantined or logged. If you choose to configure the actions manually, you set a single action for detections. A detected process would always be quarantined or always logged depending on the action that you choose.

You can also set the action for commercial application detections.

Typically, you should not modify the default settings.

Note:

You control user notifications for TruScan detections on the SONAR Scan Details tab.

To configure TruScan proactive threat scan settings for legacy clients

  1. In the Virus and Spyware Protection policy, click SONAR.

  2. Select TruScan Legacy Client Settings.

    By default, the Scan Details, Detecting Commercial Applications, and Frequency settings are hidden.

  3. Click the arrow icon to expand the settings for Scan Details.

  4. Check or uncheck Scan for trojans and worms and Scan for keyloggers.

  5. To change the actions or sensitivity for either risk type, uncheck Use defaults defined by Symantec.

    Notifications are sent automatically if an action is set to Quarantine or Terminate. Use the Terminate action with caution. In some cases, you can cause an application to lose functionality.

  6. Do one of the following actions:

    • Move the slider to the left or right to decrease or increase the sensitivity, respectively.

    • Click Low or High.

  7. Click the arrow icon to expand the settings for Detecting Commercial Applications.

  8. Set the action for commercial keyloggers or commercial remote control programs.

  9. Click the arrow to expand the settings for Scan Frequency.

  10. Set one of the following options:

    • At the default scanning frequency

      The scan engine software determines the scan frequency. This option is the default setting.

    • At a custom scanning frequency

      If you enable this option, you can specify that the client scans new processes immediately when it detects them. You can also configure the scan frequency time.

  11. Click OK.


Legacy ID



v44056185_v59371754


Article URL http://www.symantec.com/docs/HOWTO55255


Terms of use for this information are found in Legal Notices