How do Auto-Protect and Insight Lookup work together (if any)?
Manual and scheduled scans are using Insight lookup. It's possible to define its sensitivity. And there is Download Insight, an integral part of Auto-Protect. These are features I understand.
However, what happens if Auto-Protect encounters a suspicious file that wasn't downloaded (so that Download Insight didn't run)? Is Auto-Protect using Insight Lookup?
When I was testing it with fresh .exe files, A-P didn't send anything to Symantec. However, when I executed the new file, there was a lookup, but I think it was triggered by SONAR.
Here is a citation of the Insight FAQ that confused me a bit:
3 B.
Each time the user performs a traditional virus scan of their computer (e.g., a weekly scan) or our AutoProtect real-time component scans a file, it will first determine if the file appears to be suspicious. If the file does not appear to be suspicious, no reputation lookup is performed. On the other hand, if the file does appear to be suspicious to our heuristics/fingerprint scanner, SEP looks up its reputation.
That sounds as if Auto-Protect seems to use Insight Lookup, but why isn't it possible to adjust Insight Lookup in the Auto-Protect settings (only in the Administrator-defined scan settings)?
Thanks in advance
Greg