McAfee TSA00M005PAA Processor Guide - Page 48

Hide the splash screen UDsiisnpglaythseupSpeocrtunriottyifCiceantitoenrs on client computers Management of security policies Disabled: The McAfee Total Protection Service splash screen is displayed when a computer is powered on and the client software starts running. Enabled: Notification dialog boxes warn client computer users when software upgrades and DAT file updates are being discontinued for their operating system. Virus and Spyware Protection No excluded files and folders or approved programs are configured. NOTE: With the default advanced settings for virus and spyware protection, it is possible for an ondemand scan to detect threats in archived files that are not detected during an on-access scan. This is because on-access scans do not look at compressed archives by default. If this is a concern for your organization, you should create a new policy where this option is enabled. Option Definitions - General Settings Tab Option Definition Scheduled Scan Settings Off: No on-demand scan is scheduled. On-access scans still occur every time users run, open, or download files. Spyware Protection Mode Prompt: Spyware scanning is enabled. When potentially unwanted programs are detected, virus and spyware protection asks users how to respond. NOTE: To prevent prompts from displaying, create a new policy with a different setting. For maximum protection, we recommend selecting Protect mode to automatically delete potentially unwanted programs. Option Definitions - Advanced Settings Tab Option Definition Virus Protection Settings Enable outbreak response Enabled: Client computers check for an outbreak detection definition (DAT) file every hour. Enable buffer overflow protection Enabled: Detect code starting to run from data in reserved memory and prevent that code from running. Enable script scanning Enabled: Detect harmful code embedded in web pages that would cause unauthorized programs to run on client computers. Scan email (before delivering to the Outlook Inbox) Enabled: Look for threats in email before it is placed into the user's Inbox. Scan all file types during on-access scans Enabled: Look for threats in all types of files, instead of only default types, when they are downloaded, opened, or run. (Default file types are defined in the DAT files.). Scan within archives during on-access scans (e.g., Disabled: Do not look for threats in compressed archive .zip, .rar, .tat, .tgz) files when the files are accessed. Scan within archives during on-demand scans (e.g., Enabled: Look for threats in compressed archive files .zip, .rar, .tat, .tgz) when files are scanned manually and during scheduled scans. Enable Artemis heuristic network check for suspicious files Enabled: Send information about unrecognized threat detections to McAfee Avert Labs for analysis. Scan mapped network drives during on-access scans Disabled: Do not look for threats in files on mapped network drives when they are accessed. Enable on-access scanning (if disabled) the next time client computers check for an update Enabled: If on-access scanning is disabled on a client computer, it is re-enabled when the computer checks for updates. Maximum percentage of CPU time allocated for on-demand and scheduled scans High: These scans are allowed to use a high percentage of CPU time. (Scans should be requested during non-peak hours, when users are not performing tasks on their computers.) Spyware Protection Settings Detect ... Enabled: Detect all types of spyware threats during scans. 48 McAfee Total Protection Service Product Guide