Anti-virus and HIPS policy

An anti-virus and HIPS policy enables you to do the following:

  • Detect known and unknown viruses, Trojans, worms, and spyware automatically as soon as users attempt to copy, move, or open files that contain them.
  • Scan for adware and other potentially unwanted applications.
  • Scan computers for suspicious files and rootkits.
  • Detect malicious network traffic, that is, communications between endpoint computers and command and control servers involved in botnet or other malware attacks.
  • Automatically clean up computers as soon as a virus or other threat is found.

    For information about changing the settings for automatic cleanup, see Set up automatic cleanup for on-access scanning.

  • Analyze the behavior of the programs running on the system.

    For more information, see Behavior monitoring.

  • Scan computers at set times.

    For more information, see Create a scheduled scan.

You can use different scanning settings for each group of computers. For detailed information about configuring scanning settings, see the following topics:

Note Sophos Labs can independently control which files are scanned. They may add or remove scanning of certain file types in order to provide the best protection.

For information about scanning and cleanup options that do not take effect on Mac, Linux or UNIX, see Settings not applicable on Mac, Linux or UNIX.