Looking for a way to force a policy update without having to log into the client.
Current config:
- "Pull" Mode
- Heartbeat 8 hours
The context here is incident handling when a machine may or may not have had a virus removed and we want to launch a full scan from the to confirm.
My method is to create a folder in SEP called "investigate"-this switches the client from Pull Mode to Push mode to get real time scan results.
Again, the question is-is there any way without logging into the potentially affected system(which may introduce risk) to force the policy update (so the client gets the policies associated with my "investigate folder" without having to wait the full 8 hours(at worst, without the randomization figured in).