Configuring SEP client options for end users to stop, pause, or 'snooze' administrator defined scans
|Article:TECH93376|||||Created: 2009-01-10|||||Updated: 2009-01-16|||||Article URL http://www.symantec.com/docs/TECH93376|
How can I give clients the ability to stop, pause, or snooze administrator defined scans a certain number of times, without granting end users full administrative control?
Users may wish to delay an administrator defined scan at certain times to free up system resources, but allowing them to postpone the scan indefinitely poses a security risk. You want to ensure that they can only perform this action a limited number of times, and don't want to grant full administrative rights over their client to allow them to do so.
1.) Within your SEPM, go to the Clients tab and select the appropriate group.
2.) Click the policy tab to the right, and make sure the option labeled 'Inherit policies and settings from parent group' is unchecked.
3.) Click on the Antivirus and Antispyware policy under Location-specific policies, and if prompted choose the option to 'Create Non-Shared Policy From Copy'.
4.) Within the Antivirus and Antispyware policy, select Administrator-defined Scans from the list on the left, then click the Advanced tab.
5.) In the Scan Progress Options section, select 'Show Scan Progress' from the drop down list, then set the check boxes according to which actions you want to allow the user to perform.
(Please note that it is generally recommended to only grant users the ability to pause or snooze a scan, since you can control the length of the pause permitted, as well as the number of times they can snooze. If you grant users permission to stop a scan, that administrator defined scan is aborted and will not be continued at a later time. However the next administrator defined scan which is scheduled will still run as normal.)
6.) Once you have decided what type of actions to grant the clients permission to perform, you can click the Pause Options button, and from here configure the length of time a user can pause a scan. In this section you can also set the number of snooze opportunities to be granted, and the snooze interval of either one or three hours.
Article URL http://www.symantec.com/docs/TECH93376