|Anti-virus and HIPS policy / On-access scanning|
For more information, see Managing roles and sub-estates.
To configure on-access scanning:
|Rename||Scan files when they are renamed.|
|Write||Scan files when they are saved or created.|
|Adware and PUAs||
|Suspicious files||Suspicious files display certain characteristics (for example, dynamic decompression
code) that are commonly, but not exclusively, found in malware. However,
these characteristics are not sufficiently strong for the file to be
identified as a new piece of malware.
Note: This option applies only to Sophos Endpoint Security and Control for Windows.
|Allow access to drives with infected boot sectors||Allow access to an infected bootable removable medium or device such as a bootable CD, floppy disk, or USB
Use this option only if advised to by Sophos technical support.
|Scan inside archive files||Scan the contents of archives or compressed files before they are
downloaded or emailed from managed computers.
We recommend that you leave this option turned off, as it makes scanning significantly slower.
Users will still be protected against any threats in archives or compressed files, as any components of an archive or compressed file that may be malware will be blocked by on-access scanning:
|Scan system memory||Run an hourly background scan that detects malware hiding in the computer's system memory (the memory that is used by the operating system).|