Default anti-virus scanning options for Sophos Cloud

  • Artikel-ID: 119637
  • Aktualisiert: 27 Mai 2014

This article details the default anti-virus policy options for a Sophos Cloud managed computer.

Applies to the following Sophos product(s) and version(s)

Sophos Cloud

For real-time scanning, the following options are enabled:

  • Scan on read
  • Scan on write
  • Scan on rename
  • Scan system memory
  • Scan remote files
  • Auto clean-up (if clean-up fails, then deny access)
  • Scan for malicious behaviour
  • Malicious URL protection
  • Download scanning
  • Potentially Unwanted Application (PUA) scanning
    • PUAs are blocked by default.  Once detected you will need to either authorize the application in policy or clean up the application at the endpoint.
  • Scans executable files (does not unnecessarily scan files which cannot infect a computer)

The following are disabled:

  • Allow access to boot sector
  • Scan inside archives (Items extracted from the archive will be scanned in real-time regardless of this setting.  In addition to this the scheduled scan can be configured to scan within archives to search for dormant infected files. This can add significant processing overhead so it is not included in real-time scanning.)
  • Scan for/detect suspicious files (malicious behaviour detection provides protection against new (“day zero”) malware)
  • Detect suspicious behaviour (malicious behaviour detection provides protection against new (“day zero”) malware)
  • Buffer overflow detection(malicious behaviour detection provides protection against new (“day zero”) malware)

For scheduled scanning (disabled by default)

This has the same settings as the real-time scanning. It has the following scheduled scan specific settings enabled:

  • Scan for rootkits
  • Low priority scan
  • Scanning inside archives can be enabled

 
Wenn Sie weitere Informationen oder Unterstützung benötigen, wenden Sie sich bitte an den technischen Support.

Artikel bewerten

Ungenügend Hervorragend

Anmerkungen