Specifications and Settings

System Requirements

To ensure optimal performance and security, it's imperative to meet the specific system requirements outlined in this section. These requirements cover hardware and software compatibility, including supported operating systems, CPU and RAM capacity, and network bandwidth. Failure to adhere to these specifications may result in compromised security, reduced performance, and potential system instability. Refer to the table below for a concise overview:

Configuring Settings

To configure the below mentioned settings, Navigate to Settings.

Exclusions

In certain scenarios, you may need to exclude specific files or folders from the scrutiny of Malware Protection to accommodate your unique requirements. This can be particularly useful for preventing false positives or avoiding interference with trusted applications. Refer to this guide to add exclusions.

Note: Exercise caution when configuring exclusions, as mismanagement may pose security risks; consult with IT security personnel for guidance.

Detection Settings

1. General Settings

   These settings are applicable for all the engines.

   • System Backup Creation: Enables the automatic creation of system backups; recommended to keep this setting enabled.
   • Allocated Backup storage: Reserves the specified percentage of disk space exclusively for storing backups.
   • Backup Interval: Defines how frequently backups should be created.

     

2. DeepAV (Deep Learning based Antivirus) Engine

   • Detection Trigger:These determine when a file scan is initiated.
     • On Execute: The file is scanned whenever a process is initiated. The file from which the process is being created will be scanned. This trigger is always active and cannot be disabled.
     • On DLL Load: The file scan is conducted when the Dynamic Link Libraries (DLLs) associated with a process are loaded. The DLL which was being loaded will be scanned.
     • On Write: Files are analyzed as they are written, identifying and blocking threats before execution. It is initiated when a file is acquired through a web browser download, or when it is transferred (copied/moved) from within or outside the system.
   • Prevention Policy:
     • Audit only: Detects and alerts on identifying any ransomware incidents.
     • Kill & Quarantine: Blocks the execution of malicious processes by intercepting them before they can run and quarantines the endpoint from the network.

3. Behavior Detection Engine

   • Prevention Policy:
     • Audit only: Detects and alerts on identifying any malicious behavior.
     • Kill & Quarantine: Blocks the execution of malicious processes by intercepting them before they can run and quarantines the endpoint from the network.

   

Notification Settings

In Malware Protection, you have the capability to enable alert notifications, ensuring that your cybersecurity team and users stay informed. This proactive approach enhances your overall security posture. Here's how you can configure it:

• Administrator alerts:
  • Receive alerts via email for timely notification.
  • Stay informed on-the-go with mobile app notifications.
• User Endpoint Notifications:
  • Users receive direct alerts on their endpoints for immediate.

Add-on Configurations

• Management Scope:

  This enables us to choose complete protection for all eligible endpoints or selectively enable for a test group of endpoints before rolling it to a broader environment. The number of endpoints protected can also be referred.

• Disable Malware Protection:

  This option disables the feature of Malware Protection in Endpoint Central software. It would expose your endpoints to potential malware and ransomware attacks. It can be re-enabled in the Malware Protection tab in the web console.

If you have any further questions, please refer to our Frequently Asked Questions section for more information.