Enable, disable or configure Bloodhound heuristic virus detection in Endpoint Protection

Article:TECH92424  |  Created: 2009-01-17  |  Updated: 2015-02-19  |  Article URL http://www.symantec.com/docs/TECH92424
Article Type
Technical Solution


Environment

Issue



You need to know how to enable or disable Bloodhound heuristic virus detection in Symantec Endpoint Protection Manager (SEPM), or change the level of protection it uses.


Solution



  1. In the SEPM, select Policies.
  2. Select AntiVirus and Antispyware.
  3. Right-click the desired AntiVirus and Antispyware policy from the list of policies in the right hand window pane and click Edit.
  4. Select File System Auto-Protect in the Antivirus and Antispyware Policy window.
  5. Under the Scan Details tab click the Advanced Scanning and Monitoring... button.
  6. Under Bloodhound(TM) Detection Settings you can check the setting to 'Enable Bloodhound(TM) heuristic virus detection' or disable it.
  7. Next to Level of protection to use: you can increase (Maximum) or lower (Minimum) the Bloodhound(TM)'s level of protection from the Default setting.

References
Configuring advanced scanning and monitoring options,
"Administration Guide for Symantec™ Endpoint Protection and Symantec Network Access Control"
ftp://ftp.symantec.com/public/english_us_canada/products/symantec_endpoint_protection/11.0/manuals/ru6/Administration_Guide_SEP11.0.6.pdf

Technical Information
Bloodhound Detection Settings - Bloodhound isolates and locates the logical regions of a file to detect a high percentage of unknown viruses. Bloodhound then analyzes the program logic for virus-like behavior.

By default, the level of protection is set to 2.



Legacy ID



2009021714114248


Article URL http://www.symantec.com/docs/TECH92424


Terms of use for this information are found in Legal Notices