here is what I am trying to accomplish what is teh best course of action thanks guys
There are several configurations that we do in SAV 10 that I am able to duplicate with SEP 11 through policies and applying those policies to an unmanaged client installation package. Some of those configurations include: out-of-date warnings, actions to take when a virus is found, LiveUpdate configuration, scanning network drives, etc. I will not include those items in this list because I believe we can configure them as a part of the installation package.
Here are some of the other configurations that we do today in SAV 10 with a GRC.DAT file that we would like to do with SEP 11.
!KEY!=$REGROOT$\storages\filesystem\realtimescan
ExcludedExtensions=SNDF,MDF,LDF,DBF,AFW
ExcludedByExtensions=D1
HaveExceptionDirs=D1
HaveExceptionFiles=D1
!KEY!=$REGROOT$\storages\filesystem\realtimescan\noscandir
""C:\Data""=D1
""C:\Data1""=D1
""D:\Data""=D1
""D:\Data1""=D1
""C:\Temp""=D1
""C:\Temp1""=D1
""D:\Temp""=D1
""D:\Temp1""=D1
""C:\Program Files\IT\IT\Process Portal A\AppLog""=D1
""C:\Program Files\Common Files\IT\MSSQL$EBINSTANCE\Data""=D1
""C:\IT Data""=D1
""C:\HsData""=D1
""C:\oracle\admin""=D1
""C:\oracle\oradata""=D1
""C:\Documents and Settings\All Users\Application Data\company\IM\Archive""=D1
(Note: we would like to be able to replace the first 8 entries with wildcard entries such as "*\Data*" and "*\Temp*" but we're unsure if or how we could do that?)
For our scheduled scans, we update a different GRC.DAT file with some of the following settings:
!KEY!=$REGROOT$\localscans\clientscheduledscan_1
SecondMacroAction=D1
DoCompressed=D0
ZipExts=SARJ,LHA,ZIP,MME,LZH,UUE,CAB,LZ_,RTF,UU,MIM
FirstAction=D5
ScanBootSector=D1
Checksum=D0
DisplayStatusDialog=D1
NeededFreeDiskSpace=D30720000
Types=D6
WantedUtilization=D1
HaveExceptionDirs=D1
FirstMacroAction=D5
ScanMemory=D1
FileType=D0
ScanAllDrives=D0
MessageBox=D1
MessageText=SScan type: ~L Scan\nEvent: ~E\n~V\nFile: ~P\nLocation: ~C\nComputer: ~S\nUser: ~N\nAction taken: ~A
ZipFile=D1
Logger=D0
ZipDepth=D8
ScanLocked=D0
SecondAction=D1
Exts=S386,ACM,ACV,ADT,AX,BIN,BTM,CLA,COM,CPL,CSC,CSH,DLL,DOC,DOT,DRV,EXE,HLP,HTA,HTM,HTML,HTT,INF,INI,JS,JSE,JTD,MDB,MP?,MSO,OBD,OBT,OCX,OV?,PIF,PL,PM,POT,PPS,PPT,PRC,RAR,RTF,SCR,SH,SHB,SHS,SMM,SYS,VBE,VBS,VSD,VSS,VST,VXD,WBK,WSF,WSH,XL?
Softmice=D1
ExcludedByExtensions=D1
ExcludedExtensions=SNDF,MDF,LDF,DBF
PrescanExclude=D1
BackupToQuarantine=D1
CloseScan=D1
EnableDelay=D1
NoRecallTimeWindow=D30
NoRecallTimeWindowType=D0
CustomHSMVendorFlag1=D0
DoOffline=D8388608
HaveExceptionFiles=D1
ScanWhenIdle=D1
ScanWhenNotIdle=D1
ThrottleNetWare=D0
ScanWhenIdlePriority=D3
ScanWhenNotIdlePriority=D3
ThrottleNetWareTargetLoad=D40
ScanThreadCount=D2
ScanThreadsPerCPU=D1
StatusDialogTitle=SDPA Built-In Scan
TransmanStatusDialogTitle=Built-In Scan
!KEY!=$REGROOT$\localscans\clientscheduledscan_1\checksumconfig
FirstAction=D4
SecondAction=D4
!KEY!=$REGROOT$\localscans\clientscheduledscan_1\directories
""C:\Data""=D1
""C:\Data1""=D1
""D:\Data""=D1
""D:\Data1""=D1
""C:\Temp""=D1
""C:\Temp1""=D1
""D:\Temp""=D1
""D:\Temp1""=D1
""C:\Program Files\IT\Operate IT\Process Portal A\AppLog""=D1
""C:\Program Files\Common Files\IT\MSSQL$EBINSTANCE\Data""=D1
""C:\IT Data""=D1
""C:\HsData""=D1
""C:\oracle\admin""=D1
""C:\oracle\oradata""=D1
""C:\Documents and Settings\All Users\Application Data\company\IM\Archive""=D1
!KEY!=$REGROOT$\localscans\clientscheduledscan_1\fileexceptions
!KEY!=$REGROOT$\localscans\clientscheduledscan_1\files
!KEY!=$REGROOT$\localscans\clientscheduledscan_1\noscandir
!KEY!=$REGROOT$\localscans\clientscheduledscan_1\schedule
Type=D1
Enabled=D1
DayOfMonth=D0
DayOfWeek=D0
MinOfDay=(Dynamically created)
MissedEventEnabled=D0
TimeWindowDaily=D1
Created=D1046645095
SkipEvent=D0
Name=SDPA Built-In Scan
Since the only data that changes with the scheduled scans is the time of day, we were thinking that we could build the scheduled scan as a policy and include it in the client install package. After the install has been completed, we could then just modify the MinOfDay entry on each machine to give it a unique schedule. Would that work? Is there a better way?
Also, in SAV 10, we create unique LiveUpdate schedules for each client by running VPDN_LU.EXE from the Windows Scheduled Tasks. How do we accomplish this with SEP 11?