We have configured a policy on our SEP management server to enforce a weekly scan (Administrator-define scan) of all our clients. We have disabled the user’s ability to stop the scan, but have allowed them to pause and snooze the scan for a pre-determinate time. However, users are able to circumvent the weekly scans by either rebooting their computers or logging off as the scan starts.
The scan aborts and the SEP management just records that the last scan date of when the scan started. Hence, on the SEP management console it appears that the weekly scan has been run.
This is a major compliance issue and basically defeats the purpose of the administrator-define scan. We have contacted Symantec supported and they have indicated there is no way to resume a scan if it’s aborted in this way and if we wanted this feature, we should summit an enhancement request.
Is it possible to implement an enhancement to resume the weekly (Administrator-define) scans after a reboot or when a user logs back in. Is it also possible for the SEP management console to indicate the status of a scan and maybe provide some additional information, ie. the status of the scan (eg. running, aborted, paused, snoozed, completed, etc.) what time the scan started, when was it passed, snoozed, etc. This addition information should be easily viewable (summarized and/or in detail form) via the SEP management console and it should also be possible to generate reports/export the details.