Symantec 360R Administration Guide - Page 107

Advanced network traffic control 107 Configuring AVpe To configure antivirus policy enforcement See "AVpe field descriptions" on page 207. 1 In the SGMI, in the left pane, click Antivirus Policy. 2 In the Primary AV Master text box, in the right pane, under Server Location, type the IP address or fully qualified domain name of your primary antivirus server or master client. 3 Optionally, in the Secondary AV Master text box, type the IP address or fully qualified domain name of a backup antivirus server, if supported in your environment. 4 In the Query AV Master Every text box, type an interval (in minutes) for the appliance to query the antivirus server for updated virus definitions. 5 To force a manual update, click Query Master. 6 Under Policy Validation, next to Verify AV Client is Active, select one of the following: ■ Latest Product Engine To check a client's antivirus configuration to ensure it uses a supported Symantec antivirus product with the latest product scan engine. ■ Any Version To check a client's antivirus configuration to verify that a the correct version of a supported Symantec antivirus product is installed on the client's workstation. 7 To enable the appliance to validate whether a client is using the latest virus definitions, check Verify Latest Virus Definitions. 8 In the Query Clients Every text box, type an interval (in minutes) for the appliance to query clients to validate whether they are using updated virus definitions. 9 Click Save. Enabling AVpe AVpe is enforced at the computer group and VPN group level. To enable AVpe, you first select a group, and then enable AVpe once for all members of that group. You also decide whether you want to warn or to denny WAN access to clients if their antivirus configuration is not compliant with expected security policies.