Endpoint Protection Central Customization of Individually Scheduled Local Scans

The whole idea behind managed Symantec Endpoint Protection (SEP) clients is being able to centrally configure the behavior of these clients in Symantec Endpoint Protection Manager (SEPM).  One very important aspect of this is being able to configure CENTRALLY how the client behaves when malware is found during a scheduled local scan.  SEPM has Administrator-defined Scans which have centrally configured behavior for a single scheduled scan time per policy/group; however, the need for an individually scheduled scan is essential for large sites (hundreds of clients) because the Administrator-defined Scans scheduling is the opposite of granular, i.e., one size does not fit all.  This is because a complete scan of local disks is the most resource intensive SEP task and each user usually has a different time when this is an acceptable load.

Another important point is that Symantec System Center (SSC) 10.x allows administrators to schedule scans per client (right click on a client in SSC, go to "All Tasks", Symantec AntiVirus", and "Scheduled Scans...") which means that SEP has lost this functionality.

Having said all this, here is what I require from any new release of SEP: to be able to configure once in SEPM the behavior of scheduled local scans on every managed SEP client.  Also it would be very helpful if, just like in SSC 10.x, I could configure when a local scan occurs on a per client basis in SEPM and, at the same time, I could configure centrally (once) the behavior of these local scans in SEPM.

Marie Glendenning
Lead Windows System Administrator
National Radio Astronomy Observatory
Socorro NM