Administer-Defined Scans |
Balanced |
High Performance |
High Security |
Daily Scheduled Scan |
Enabled, every day at 12:30AM |
Enabled, every day at 12:30AM |
Enabled, every day at 12:30AM |
Scan Type |
Active Scan |
Active Scan |
Active Scan |
File types |
Scan all files |
Scan all files |
Scan all files |
Enhance scan by checking: Memory... |
Yes |
Yes |
Yes |
...common infection locations |
Yes |
Yes |
Yes |
...well-known virus and security risk locations |
Yes |
Yes |
Yes |
Scan Compressed Files |
Yes, 3 levels deep |
Yes, 3 levels deep |
Yes, 3 levels deep |
Storage Migration... |
Skip offline and sparse files |
Skip offline and sparse files |
Skip offline and sparse files |
...open files with backup semantics |
No |
No |
No |
Tuning |
Best Application Performance |
Best Application Performance |
Best Application Performance |
Enable Insight Lookup |
Yes |
Yes |
Yes |
Insight Level |
Level 5 (Typical) |
Level 1 (Minimum) |
Level 5 (Typical) |
Insight reputation detections: 1st action / 2nd action if first fails |
Quarantine/Leave alone (log only) |
Quarantine/Leave alone (log only) |
Quarantine/Leave alone (log only) |
Schedule |
Daily at 12:30AM |
Daily at 12:30AM |
Daily at 12:30AM |
Scan Duration |
Scan up to 2 hours |
Scan up to 2 hours |
Scan up to 2 hours |
Randomize start time |
Yes |
Yes |
Yes |
Retry scan |
Yes, within 72 hours |
Yes, within 264 hours |
Yes, within 72 hours |
Malware detections: 1st action / and 2nd action if first fails |
Clean/Quarantine |
Clean/Quarantine |
Clean/Quarantine |
Virus: Override actions configured for malware? |
No |
No |
No |
Security Risk detections: 1st action / and 2nd action if first fails |
Quarantine/Leave alone—log only |
Quarantine/Leave alone—log only |
Quarantine/Leave alone—log only |
Adware: Override actions configured for security risks? |
No |
No |
No |
Dialer? |
No |
No |
No |
Hack Tool? |
No |
No |
No |
Joke Program? |
No |
No |
No |
Misleading Application? |
No |
No |
No |
Parental Control? |
No |
No |
No |
Remote Access? |
No |
No |
No |
Security Assessment Tool? |
No |
No |
No |
Security Risk? |
No |
No |
No |
Spyware? |
No |
No |
No |
Trackware? |
No |
No |
No |
Backup files before attempting repair |
Yes |
Yes |
Yes |
Terminate processes automatically |
Yes |
Yes |
Yes |
Stop services automatically |
Yes |
Yes |
Yes |
Display notification on infected computer |
No |
No |
No |
Administrator On-demand Scan Settings |
|
|
|
Scan the following folders |
All Folders |
All Folders |
All Folders |
File types |
Scan all files |
Scan all files |
Scan all files |
Enhance scan by checking: Memory... |
Yes |
Yes |
Yes |
...common infection locations |
Yes |
Yes |
Yes |
...well-known virus and security risk locations |
Yes |
Yes |
Yes |
Scan Compressed Files |
Yes, 3 levels deep |
Yes, 3 levels deep |
Yes, 3 levels deep |
Storage Migration... |
Skip offline and sparse files |
Skip offline and sparse files |
Skip offline and sparse files |
...open files with backup semantics |
No |
No |
No |
Tuning |
Best Application Performance |
Best Application Performance |
Best Application Performance |
Insight Lookup |
Enabled |
Enabled |
Enabled |
Insight Level |
Level 5 (Typical) |
Level 1 (Minimum) |
Level 5 (Typical) |
Insight detections: 1st action / and 2nd action if first fails |
Quarantine/Leave alone—log only |
Quarantine/Leave alone—log only |
Quarantine/Leave alone—log only |
Malware detections: 1st action / and 2nd action if first fails |
Clean/Quarantine |
Clean/Quarantine |
Clean/Quarantine |
Virus: Override actions configured for malware? |
No |
No |
No |
Security Risk detections: 1st action / and 2nd action if first fails |
Quarantine/Leave alone—log only |
Quarantine/Leave alone—log only |
Quarantine/Leave alone—log only |
Adware: Override actions configured for security risks? |
No |
No |
No |
Dialer? |
No |
No |
No |
Hack Tool? |
No |
No |
No |
Joke Program? |
No |
No |
No |
Misleading Application? |
No |
No |
No |
Parental Control? |
No |
No |
No |
Remote Access? |
No |
No |
No |
Security Assessment Tool? |
No |
No |
No |
Security Risk? |
No |
No |
No |
Spyware? |
No |
No |
No |
Trackware? |
No |
No |
No |
Backup files before attempting repair |
Yes |
Yes |
Yes |
Terminate processes automatically |
Yes |
Yes |
Yes |
Stop services automatically |
Yes |
Yes |
Yes |
Display notification on infected computer |
No |
No |
No |
Administer-Defined Scans, Advanced Tab |
|
|
|
Delay scheduled scans when running on batteries |
Yes |
Yes |
Yes |
Allow user-defined scans to run when user is not logged on |
Yes |
Yes |
Yes |
Display notifications about detections when user logs on |
Yes |
Yes |
Yes |
Allow startup scans to run when user logs on |
No |
No |
No |
Run an active scan when new definitions arrive |
Yes |
Yes |
Yes |
Show scan progress |
No |
No |
No |
Auto-Protect |
Balanced |
High Performance |
High Security |
Auto-Protect Scan Details |
|
|
|
Enabled |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
File types to scan |
Scan all files (unlocked) |
Scan only selected exensions (common programs and documents) (unlocked) |
Scan all files (LOCKED) |
Scan for security risks |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Block security risks from being installed |
Yes (LOCKED) |
Yes (LOCKED) |
Yes (LOCKED) |
Scan files on remote computers... |
Yes (unlocked) |
No (unlocked) |
Yes (LOCKED) |
...scan remote files only when files are executed |
Yes (unlocked) |
N/A |
Yes (LOCKED) |
Trust files on remote computers running Auto-Protect |
Yes (unlocked) |
N/A |
Yes (LOCKED) |
Enable network cache |
Yes; keep up to 30 entries, delete entries after 600 seconds (unlocked) |
N/A |
Yes; keep up to 30 entries, delete entries after 600 seconds (LOCKED) |
Activities that trigger Auto-Protect scan |
File is accessed or modified (unlocked) |
File is accessed or modified (unlocked) |
File is accessed or modified (LOCKED) |
Scan when a file is backed up |
Yes (unlocked) |
No (unlocked) |
Yes (LOCKED) |
Do not scan files when trusted processes access the files |
Yes (unlocked) |
Yes (unlocked) |
Yes (unlocked) |
Check floppies for boot virus when accessed |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Action to take when floppy boot virus is found |
Leave alone (log only) (unlocked) |
Leave alone (log only) (unlocked) |
Leave alone (log only) (LOCKED) |
Even if action is 'Leave alone (log only)': delete newly created viruses? |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
...delete newly created security risks? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Preserve file times |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Malware detections: 1st action / and 2nd action if first fails |
Clean/Quarantine (unlocked) |
Clean/Quarantine (unlocked) |
Clean/Quarantine (LOCKED) |
Virus: Override actions configured for malware? |
No (unlocked) |
No (unlocked) |
No (unlocked) |
Security Risk detections: 1st action / and 2nd action if first fails |
Quarantine/delete (unlocked) |
Quarantine/leave alone (unlocked) |
Quarantine/delete (LOCKED) |
Adware: Override actions configured for security risks? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Dialer? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Hack Tool? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Joke Program? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Misleading Application? |
No (unlocked) |
No (unlocked) |
No (unlocked) |
Parental Control? |
No (unlocked) |
No (unlocked) |
No (unlocked) |
Remote Access? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Security Assessment Tool? |
No (unlocked) |
No (unlocked) |
No (unlocked) |
Security Risk? |
No (unlocked) |
No (unlocked) |
No (unlocked) |
Spyware? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Trackware? |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Backup files before attempting to repair them |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Terminate processes automatically |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Stop services automatically |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Display notification on infected computer |
No (unlocked) |
No (unlocked) |
Yes (LOCKED) |
Display the Auto-Protect results dialog on the infected computer |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Load auto-protect when |
When computer starts (unlocked) |
When SEP starts (unlocked) |
When computer starts (LOCKED) |
Check floppies when computer shuts down |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
When Auto-Protect must be reloaded |
Stop and reload Auto-Protect (unlocked) |
Stop and reload Auto-Protect (unlocked) |
Stop and reload Auto-Protect (LOCKED) |
When Auto-Protect is disabled, enable after X minutes |
Yes, 5 minutes (unlocked) |
Yes, 5 minutes (unlocked) |
Yes, 5 minutes (LOCKED) |
Enable file cache... |
Yes, use default cache size (unlocked) |
Yes, use default cache size (unlocked) |
Yes, use default cache size (LOCKED) |
...rescan cache when new definitions arrive |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Enable Risk Tracer... |
No (unlocked) |
No (unlocked) |
Yes (LOCKED) |
...resolve the source computer IP address |
N/A |
N/A |
Yes (LOCKED) |
...poll for nework sessions every X milliseconds |
N/A |
N/A |
Yes, every 1000 msec (LOCKED) |
Download Protection |
Balanced |
High Performance |
High Security |
Enable Download Insight |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Malicious file sensitivity |
5 (Typical) (unlocked) |
Level 1 (Minimum) (unlocked) |
5 (Typical) (LOCKED) |
...also detect files with X or fewer users |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
...also detect files known by users X or fewer days |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Automatically trust any file downloaded from an intranet site |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Malicious download detection: first action... |
Quarantine (unlocked) |
Quarantine (unlocked) |
Quarantine (LOCKED) |
...if first action fails |
Leave alone—log only (unlocked) |
Leave alone—log only (unlocked) |
Leave alone—log only (LOCKED) |
Action for unproven files |
Prompt (unlocked) |
Prompt (unlocked) |
Prompt (LOCKED) |
Display Download Insight notifications on infected computer |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
SONAR |
Balanced |
High Performance |
High Security |
Enable SONAR |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
High risk detection action |
Quarantine (unlocked) |
Quarantine (unlocked) |
Quarantine (LOCKED) |
Low risk detection action |
Log (unlocked) |
Log (unlocked) |
Log (LOCKED) |
Enabled aggressive mode |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Show alert upon detection |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Prompt before terminating a process |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Prompt before stopping a service |
No (unlocked) |
No (unlocked) |
No (LOCKED) |
Action to take when DNS change detected |
Ignore (unlocked) |
Ignore (unlocked) |
Block (LOCKED) |
Action to take when hosts file change detected |
Ignore (unlocked) |
Ignore (unlocked) |
Block (LOCKED) |
Suspicious behavior high risk detection action |
Block (unlocked) |
Ignore (unlocked) |
Block (LOCKED) |
Suspicious behavior low risk detection action |
Ignore (unlocked) |
Ignore (unlocked) |
Ignore (LOCKED) |
TruScan Legacy Client Settings |
|
|
|
Scan for trojans and worms... |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
...use trojan/worm sensitivity defaults defined by Symantec |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
Scan for keyloggers... |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
...use keylogger sensitivity defaults defined by Symantec |
Yes (unlocked) |
Yes (unlocked) |
Yes (LOCKED) |
When a commercial keylogger is detected |
Log (unlocked) |
Log (unlocked) |
Log (LOCKED) |
When a commercial remote control application is detected |
Log (unlocked) |
Log (unlocked) |
Log (LOCKED) |
How often should TruScan run |
At the default frequency (unlocked) |
At a custom scanning frequency; scan processes every 6 hours, do not scan new processes (unlocked) |
At a custom scanning frequency; scan processes every 15 minutes, scan new processes immediately (LOCKED) |
Internet, MS Outlook, and Lotus Notes
Email Auto-Protect |
Balanced |
High Performance |
High Security |
Enabled Email Auto-Protect |
Yes (unlocked) |
No (unlocked) |
Yes (LOCKED) |
File types to scan |
Scan all files (unlocked) |
N/A |
Scan all files (LOCKED) |
Scan inside compressed files |
Yes, 3 levels deep (unlocked) |
“ |
Yes, 3 levels deep (LOCKED) |
Malware detections: 1st action / and 2nd action if first fails |
Clean/Quarantine (unlocked) |
“ |
Clean/Quarantine (unlocked) |
Virus: Override actions configured for malware? |
No (unlocked) |
“ |
No (unlocked) |
Security Risk detections: 1st action / and 2nd action if first fails |
Quarantine/Leave alone (unlocked) |
“ |
Quarantine/Leave alone (LOCKED) |
Adware: Override actions configured for security risks? |
No (unlocked) |
“ |
No (LOCKED) |
Dialer? |
No (unlocked) |
“ |
No (LOCKED) |
Hack Tool? |
No (unlocked) |
“ |
No (LOCKED) |
Joke Program? |
No (unlocked) |
“ |
No (LOCKED) |
Misleading Application? |
No (unlocked) |
“ |
No (unlocked) |
Parental Control? |
No (unlocked) |
“ |
No (unlocked) |
Remote Access? |
No (unlocked) |
“ |
No (LOCKED) |
Security Assessment Tool? |
No (unlocked) |
“ |
No (unlocked) |
Security Risk? |
No (unlocked) |
“ |
No (unlocked) |
Spyware? |
No (unlocked) |
“ |
No (LOCKED) |
Trackware? |
No (unlocked) |
“ |
No (LOCKED) |
Display a notification on the infected computer |
Yes (unlocked) |
“ |
Yes (LOCKED) |
Insert warning into email message |
Yes (unlocked) |
“ |
Yes (LOCKED) |
Send email to the sender |
No (unlocked) |
“ |
No (LOCKED) |
Send email to others |
No (unlocked) |
“ |
No (LOCKED) |
The following settings apply only to Internet Email Auto-Protect |
|
|
|
Display progress indicator when email is being sent |
No (unlocked) |
“ |
No (LOCKED) |
Display a notification area icon |
No (unlocked) |
“ |
No (LOCKED) |
Incoming mail server (POP3) port |
110 (unlocked) |
“ |
110 (LOCKED) |
Outgoing mail server (SMTP) port |
25 (unlocked) |
“ |
25 (LOCKED) |
Allow encrypted POP3 connections |
Yes (unlocked) |
“ |
Yes (LOCKED) |
Allow encrypted SMTP connections |
Yes (unlocked) |
“ |
Yes (LOCKED) |
Use outbound worm heuristics |
Yes (unlocked) |
“ |
Yes (LOCKED) |
Outbound worm detection, first action |
Quarantine (unlocked) |
“ |
Quarantine (LOCKED) |
Outbound worm detection, second action if first fails |
Delete (unlocked) |
“ |
Delete (LOCKED) |
Global Scan Options |
Balanced |
High Performance |
High Security |
Enable Insight |
Yes: Symantec Trusted (unlocked) |
Yes: Symantec Trusted (unlocked) |
Yes: Symantec Trusted (LOCKED) |
Enable Bloodhound |
Yes, automatic (unlocked) |
Yes, automatic (unlocked) |
Yes, aggressive (LOCKED) |
Ask for password before scanning mapped network drive |
No |
No |
No |
Enable Shared Insight Cache |
No |
No |
No |
Quarantine |
Balanced |
High Performance |
High Security |
When new definitions arrive, take automatic action on quarantine items |
Silent repair and restore |
Silent repair and restore |
Silent repair and restore |
Quarantine folder location |
Use the default |
Use the default |
Use the default |
Allow client computers to manually submit to Security Response |
Yes |
Yes |
Yes |
Allow client computers to manually submit to Quarantine Server |
No |
No |
No |
Enable automatic deleting of repaired files... |
Yes, delete after 30 days |
Yes, delete after 30 days |
Yes, delete after 30 days |
...delete oldest repaired files to limit folder size to X MB |
No |
No |
No |
Enable automatic deleting of backup files... |
Yes, delete after 30 days |
Yes, delete after 30 days |
Yes, delete after 30 days |
...delete oldest backup files to limit folder size to X MB |
No |
No |
No |
Enable automatic deleting of files that could not be repaired... |
Yes, delete after 30 days |
Yes, delete after 30 days |
Yes, delete after 30 days |
...delete oldest non-repairable files to limit folder size to X MB |
No |
No |
No |
Miscellaneous |
Balanced |
High Performance |
High Security |
Disable Windows Security Center |
Never |
Never |
Never |
Display antivirus alerts within Windows Security Center |
Enable |
Enable |
Enable |
Display WSC message when definitions are outdated by X days |
Warn after 29 days |
Warn after 29 days |
Warn after 29 days |
Address to use as browser home page if a security risk changes it |
Symantec Security Response |
Symantec Security Response |
Symantec Security Response |
Selected events sent from client to management server |
Scan aborted, started, stopped
Security risk side effect repair failed
Client running without virus definitions
Virus definition rollback
Antivirus installed
Uninstall, uinstalll rolled back
Error loading services |
Scan aborted, started, stopped
Security risk side effect repair failed
Client running without virus definitions
Virus definition rollback
Antivirus installed
Uninstall, uinstalll rolled back
Error loading services |
Scan aborted, started, stopped
Security risk side effect repair failed
Client running without virus definitions
Virus definition rollback
Antivirus installed
Uninstall, uinstalll rolled back
Error loading services |
Delete logs older than X days |
14 days (unlocked) |
14 days (unlocked) |
14 days (unlocked) |
Send aggregate events every X minutes |
5 minutes |
5 minutes |
5 minutes |
Days before a warning appears in SEP client for outdated definitions... |
14 days (unlocked) |
14 days (unlocked) |
14 days (unlocked) |
...display a notification message on the client computer |
No |
No |
No |
Remediation attempts before warning appears on a client running without definitions... |
2 |
2 |
2 |
...display a notification message on the client computer |
No |
No |
No |
Display error messages with a URL to a solution |
Yes, display URL to Symantec KB article |
Yes, display URL to Symantec KB article |
Yes, display URL to Symantec KB article |
Enable Virtual Image Exception for Auto-Protect |
No |
No |
No |
Enable Virtual Image Exception for Administrator-Defined Scans |
No |
No |
No |
Macintosh Settings |
Balanced |
High Performance |
High Security |
Scheduled Scan |
|
|
|
Daily Scheduled Scan |
Enabled, every day at 8:00PM |
Enabled, every day at 8:00PM |
Enabled, every day at 8:00PM |
Scan Drives or Folders |
Folders, Library folder only |
Folders, Library folder only |
Folders, Library folder only |
Priority |
Low |
Low |
Medium |
Administrator On-demand Scan Settings |
|
|
|
Scan Drives or Folders in on-demand Scans |
Drives only, Hard drives and removable |
Drives only, Hard drives and removable |
Drives only, Hard drives and removable |
Scan compressed files in on-demand scans |
Yes |
No |
Yes |
Automatically repair files |
Yes |
Yes |
Yes |
Quarantine files that cannot be repaired |
Yes |
Yes |
Yes |
On-demand scan infection notification on client |
No |
No |
No |
Administrator-Defined Scans, Common Settings |
|
|
|
Display a notification message on the infected computer |
No |
No |
No |
Scan Compressed Files |
Yes |
No |
Yes |
Allow scan snooze |
No |
No |
No |
Allow scan cancel |
No |
No |
No |
Automatically repair files |
Yes |
Yes |
Yes |
Quarantine files that cannot be repaired |
Yes |
Yes |
Yes |
Show alerts |
...only when infected files are found |
...only when infected files are found |
...only when infected files are found |
Macintosh Auto-Protect Settings |
|
|
|
Lock Auto-Protect Settings |
No |
No |
No |
Enable Auto-Protect |
Yes (unlocked) |
Yes (unlocked) |
Yes (unlocked) |
Automatically repair files |
Yes (unlocked) |
Yes (unlocked) |
Yes (unlocked) |
Quarantine files that cannot be repaired |
Yes (unlocked) |
Yes (unlocked) |
Yes (unlocked) |
Scan Compressed Files |
Yes (unlocked) |
Yes (unlocked) |
Yes (unlocked) |
What files are scanned by Auto-Protect |
Scan everywhere |
Scan everywhere |
Scan everywhere |
Scan disks when they are mounted |
Yes |
Yes |
Yes |
Show progress during mount scans |
Yes |
Yes |
Yes |
Scan the following disks or devices when mounted (“All”, or select from “Music or video disks”, “iPod”, “Data disks”, “All other disks”) |
“iPods”, “Data disks”, “All other disks” |
“iPods”, “Data disks”, “All other disks” |
“iPods”, “Data disks”, “All other disks” |
Display notification on infected computer for Auto-Protect detection |
Yes |
Yes |
Yes |
Display warning on client when definitions are outdated by X days |
Yes, 30 days |
Yes, 30 days |
Yes, 30 days
|