Symantec 10551441 Administration Guide - Page 51

Managing Symantec AntiVirus 51 Enhancing server group security Forcing the access list to reload By default, the access list is refreshed every five minutes. If you want a change that you make to the list to take place immediately, you can force the reload. To force the access list to reload 1 Start a registry editor, such as Regedt32. 2 Open the HKEY_LOCAL_MACHINE\SOFTWARE \INTEL\LANDesk\ VirusProtect6\CurrentVersion\ProductControl key. 3 Type ReadAccessList as a new DWord. 4 Type 1 as the binary data associated with the ReadAccessList DWord value. 5 Close the registry editor. Rolling out the access list You can roll out the access list by performing the following tasks: ■ Create a registry script with the information that you want to add to the access list, such as new values to authorize additional computers. ■ Roll out the access list via your preferred distribution tool. ■ Force the Symantec AntiVirus antivirus component to import the access list immediately. See "Forcing the access list to reload" on page 51. Logging unauthorized configuration change attempts When the Symantec AntiVirus antivirus component receives communication from an address that is not included in the access list, an event can be written to the Symantec AntiVirus Event Log. When the event occurs on a computer running Symantec AntiVirus, the log event is forwarded to the parent server. Note: Unauthorized configuration change information is not written to logs by default. Log changes and set logging frequency You can edit the registry to log unauthorized changes. You can specify the frequency with which these items are logged. To log unauthorized configuration changes 1 Start a registry editor, such as Regedt32.