3 Replies Latest reply on Apr 27, 2009 10:09 AM by phoffmann

    AV Real-time protection (Difference between settings)

    Rookie

      Hello

       

      Within LANDesk - Security and Patch Manager, Antivirus Settings, Real-time protection tab, there are 2 options. One being "Scan all file types" and the other being "Scan infectable files only".

       

      What is the main difference between the two? If I were to select "Scan infectable files only" does LANDesk have a database of what to scan? Does this provide a rish in an organisation?

       

      Would greatly appreciate any answers re the above.

       

      Thanks in advance.

       

      James

        • 1. Re: AV Real-time protection (Difference between settings)
          phoffmann SupportEmployee

          Scan all filetypes -- self-explanatory I would imagine?

           

          Scan infectable files ... too many to write up (I'm lazy), so I'm hoping you'll be OK with making do with this screenshot:

          AV_InfectableFileExtensions.JPG

           

          Does that answer your question?

           

          Paul Hoffmann

          LANDesk EMEA Technical Lead

          • 2. Re: AV Real-time protection (Difference between settings)
            Rookie

            Fair enough.

             

            But..... Is it a big risk in having the 2nd option turned on? From personal experience, have you ever come across a firm who have got a virus when "Scan all file types" was turned off?

             

            Thanks.

            • 3. Re: AV Real-time protection (Difference between settings)
              phoffmann SupportEmployee

              Personally?

               

              No, not really - but that's only my personal experience.

               

              It's more about "satisfying the desire of more security conscious/paranoid folks" ... some people insist on scanning text files as well (even though the text-file MAY contain a virus, in order to actually *DO* something, it'd still have to be turned/renamed into an executable file - at this point we WOULD scan it)...

               

              ... so it's more of a "what degree does your paranoia go to" type question - some places (say banks, weapons manufacturers, and such) tend to be more paranoid "on principle", which is their decision. In the end, we only provide information to enable you to make educated decisions .

               

              Does this help you?

               

              Paul Hoffmann

              LANDesk EMEA Technical Lead