Tag: Computer Configuration

This policy setting configures a local override for the configuration of scanning for all downloaded files and attachments. This setting can only be set by Group Policy. If you enable this setting the local preference setting will take priority over Group Policy. If you disable or do not configure this setting Group Policy will take priority over the local preference setting.

This policy setting configures a local override for the configuration to turn on real-time protection. This setting can only be set by Group Policy. If you enable this setting the local preference setting will take priority over Group Policy. If you disable or do not configure this setting Group Policy will take priority over the local preference setting.

This policy setting configures a local override for the configuration of monitoring for incoming and outgoing file activity. This setting can only be set by Group Policy. If you enable this setting the local preference setting will take priority over Group Policy. If you disable or do not configure this setting Group Policy will take priority over the local preference setting.

This policy setting allows you to configure monitoring for incoming and outgoing files without having to turn off monitoring entirely. It is recommended for use on servers where there is a lot of incoming and outgoing file activity but for performance reasons need to have scanning disabled for a particular scan direction. The appropriate configuration should be evaluated based on the server role. Note that this configuration is only honored for NTFS volumes. For any other file system type full monitoring of file and program activity will be present on those volumes. The options for this setting are mutually exclusive:0 = Scan incoming and outgoing files (default)1 = Scan incoming files only2 = Scan outgoing files onlyAny other value or if the value does not exist resolves to the default (0). If you enable this setting the specified type of monitoring will be enabled. If you disable or do not configure this setting monitoring for incoming and outgoing files will be enabled.

This policy setting configures a local override for the configuration of the time to run a scheduled full scan to complete remediation. This setting can only be set by Group Policy. If you enable this setting the local preference setting will take priority over Group Policy. If you disable or do not configure this setting Group Policy will take priority over the local preference setting.

This policy setting allows you to specify the day of the week on which to perform a scheduled full scan in order to complete remediation. The scan can also be configured to run every day or to never run at all. This setting can be configured with the following ordinal number values:(0x0) Every Day(0x1) Sunday (0x2) Monday(0x3) Tuesday(0x4) Wednesday(0x5) Thursday(0x6) Friday(0x7) Saturday(0x8) Never (default)If you enable this setting a scheduled full scan to complete remediation will run at the frequency specified. If you disable or do not configure this setting a scheduled full scan to complete remediation will run at a default frequency.

This policy setting allows you to specify the time of day at which to perform a scheduled full scan in order to complete remediation. The time value is represented as the number of minutes past midnight (00:00). For example 120 (0x78) is equivalent to 02:00 AM. The schedule is based on local time on the computer where the scan is executing. If you enable this setting a scheduled full scan to complete remediation will run at the time of day specified. If you disable or do not configure this setting a scheduled full scan to complete remediation will run at a default time.

This policy setting configures the time in minutes before a detection in the “additional action” state moves to the “cleared” state.

This policy setting configures the time in minutes before a detection in the “critically failed” state to moves to either the “additional action” state or the “cleared” state.

This policy setting controls whether raw volume write notifications are sent to behavior monitoring. If you enable or do not configure this setting raw write notifications will be enabled. If you disable this setting raw write notifications be disabled.