Command Line Scanning of USB removable Media
Created: 28 May 2009 | 1 comment
We have use a tool called Endpoint Protection , this basically forces users to encrypt any removable media that they insert into their machine otherwise they cannot use it. It also has an inbuilt scanner that scans for certain file types and advises that users must remove these files before the device can be encrypted, this feature cannot be turned off but can be substituted with 3rd party Virus Scanning Software if it allows command line scanning of removable media.
Unfortunately , SEP only allows the scanning of All drives when using DOSCAN.exe . Which at the moment takes approx 3 hrs on our machines.
So if there was a function in DoScan.exe to scan removable media only this would be quite useful.
idea Filed Under:
Comments
Symantec Enpoint Encryption
Symantec Enpoint Encryption has the ability to force encryption of removeable storage and Symantec Enpoint Protection has the ability to prevent writes or reads of file types to removeable storage. Also note that when a user inserts a USB thumb drive, windows will look for a autorun file. When windows accesses the drive, it will force an on demand scan. This will not scan everything on the drive, but it does typically catch viruses in the root directory without any user intervention. In my experiences, most individuals do not want to wait for a scan to complete before the drive becomes active. USB drives are getting to large to force this type of activity. Whether the drive is encrypted or not, if somebody tries to access an infected file on a usb drive, SEP will identify the threat. Typically, the cost of the scan does not outweigh the risk of infection.
Would you like to reply?
Login or Register to post your comment.