|Anti-virus and HIPS policy / On-access scanning|
For more information, see Managing roles and sub-estates.
By default, Sophos Endpoint Security and Control scans files as the user attempts to access them, and denies access unless the file is clean.
You may decide to turn off on-access scanning on Exchange servers or other servers where performance might be affected. In this case, put the servers in a special group and change the anti-virus and HIPS policy used for that group as shown below.
To turn on-access scanning on or off: