Turn on-access scanning on or off

If you use role-based administration:

  • You must have the Policy setting - anti-virus and HIPS right to perform this task.
  • You cannot edit a policy if it is applied outside your active sub-estate.

For more information, see Managing roles and sub-estates.

By default, Sophos Endpoint Security and Control scans files as the user attempts to access them, and denies access unless the file is clean.

You may decide to turn off on-access scanning on Exchange servers or other servers where performance might be affected. In this case, put the servers in a special group and change the anti-virus and HIPS policy used for that group as shown below.

To turn on-access scanning on or off:

  1. Check which anti-virus and HIPS policy is used by the group or groups of computers you want to configure.

    See Check which policies a group uses.

  2. In the Policies pane, double-click Anti-virus and HIPS. Then double-click the policy you want to change.
    The Anti-Virus and HIPS policy dialog box is displayed.
  3. In the On-access scanning panel, select or clear the Enable on-access scanning check box.
Important If you turn off on-access scanning on a server, we recommend that you set up scheduled scans on the relevant computers. For instructions on how to set up scheduled scans, see Create a scheduled scan.