PS -- Where's the best place for this post?  I wanted it in a general SEP AV forum.  I got stuck in documentation....

How to Create a Schedule Custom Scan for the Symantec Endpoint Protection Client ?

http://www.symantec.com/business/support/index?page=content&id=TECH96071

This is for a scheduled scan, setup/controlled on the management side.  It's possible to create a custom scan on the user side too, but then a box pops up when the scan runs.  And that's creating it on the individual computer.  I just want one policy applied to every computer in that group.

Under the policy editing side, admin-defined scans, I can add a new scan.  Set it to a scan type of custom.  When I edit the folders for that custom scan I can't get c:\users  or c:\users\*.*   If I could tell it to do that, I'd be set.  It's the same on each computer.

It's only got these folders for the custom scan...

common_appdata

common_desktopdirectory

common_documents

common_programs

common_startup

rogram_files

program_files_common

system

windows

I'm more concerned about scanning everything in the main user's folder for that computer.  If I could scan all the users, that's fine too.  Scanning c:\users sounded like less work policy-wise.

Am I stuck with SEP on this?  Is that the limit?  The custom scan looks like it's piecing out an active scan.  It's not looking that useful.

Hi,

I have provide artical is you can create custom Scan at SEP client side.

How to Create a Schedule Custom Scan for the Symantec Endpoint Protection Client ?

http://www.symantec.com/business/support/index?page=content&id=TECH96071

What sepm version are you using ?

Hi,

would that cause any user performance issue ?

what about if the user account like Home Directory is on the file server ?

would that cause any user performance issue ?

No as a normal scan time.

what about if the user account like Home Directory is on the file server ?

You can set drive wise scan,

How to Schedule Scan on Symantec Endpoint Protection Managed and UnManaged Clients

http://www.symantec.com/business/support/index?page=content&id=TECH179307

I'm afraid the only way to create a scan that targets a specific folder, is on a SEP Client.  The administrator defined custom scans as configured from the SEPM only allow the targetting of the "Common" folder types as you've found.

If you have a mandatory requirement to specifically scan your identified folders, then you may want to look into the doscan.exe function.  Just be aware, that as it is a client side function, you won't be able to manage its schedule from the SEPM and will have to investigate other means of managing it (i.e. Altiris/Windows Scheduled Tasks/etc).

More info on doscan.exe below:
http://www.symantec.com/docs/TECH104287

However, an Active Scan is usually sufficient, and scans the most common load points for threats and risks.

Hmm.  That stinks.  The point of getting SEP was to manage everything from one place.  It sounds like it's possible to do the scan on an individual computer, setting it up on that individual computer, but that's way more work.   And I've noticed the scan box pops up on the client side when the custom scan runs.

Maybe I'll run the custom scan at night if I go that direction.

Thanks for your help.

As a side note, you can create an Idea for this to get it voted on and reviewed and hopefully included in a future release.

How do you submit an idea?