Configuring TruScan proactive threat scan settings for legacy clients
Legacy clients cannot use SONAR settings. Instead, legacy clients use TruScan to detect unknown threats.
See Managing SONAR
By default, TruScan proactive threat scans detect Trojan horses, worms, and keyloggers. Also by default the detection response and sensitivity is determined by Symantec. For example, a detected process can be quarantined or logged. If you choose to configure the actions manually, you set a single action for detections. A detected process would always be quarantined or always logged depending on the action that you choose.
You can also set the action for commercial application detections.
Typically, you should not modify the default settings.
You control user notifications for TruScan detections on the SONAR Scan Details tab.
To configure TruScan proactive threat scan settings for legacy clients
In the Virus and Spyware Protection policy, click .
By default, the Scan Details, Detecting Commercial Applications, and Frequency settings are hidden.
Click the arrow icon to expand the settings for Scan Details.
Check or uncheck and .
To change the actions or sensitivity for either risk type, uncheck .
Notifications are sent automatically if an action is set to Quarantine or Terminate. Use the Terminate action with caution. In some cases, you can cause an application to lose functionality.
Do one of the following actions:
Click the arrow icon to expand the settings for Detecting Commercial Applications.
Set the action for commercial keyloggers or commercial remote control programs.
Click the arrow to expand the settings for Scan Frequency.
Set one of the following options:
At the default scanning frequency
The scan engine software determines the scan frequency. This option is the default setting.
At a custom scanning frequency
If you enable this option, you can specify that the client scans new processes immediately when it detects them. You can also configure the scan frequency time.