Endpoint Security Status
- Click 'Security' > 'Endpoint Security' > 'Security Status' to open this area.

This area allows you to:

- View the infection status of managed Windows, Mac OS, Linux and Android devices.
- Run antivirus and file rating scans on devices.
- View a consolidated list of all malware on all endpoints.
- View all quarantined files on Windows, Mac OS and Linux devices.
- View an all-time history of threats discovered on all endpoints.
- Manually delete, quarantine or ignore malicious files.

The 'Antivirus' interface has five tabs:

- Device List - Shows the status of all managed devices with regard to antivirus health. The interface shows:
  - The date and type of the most recent virus scan
  - Whether or not the device is using the latest virus database
  - The malware status of the device (clean, infected or unknown)

  You can also run an on-demand scan on a device, and delete/quarantine/ignore threats. See The Device List Interface for more details.
- Current Malware List - Lists all unprocessed malware residing on managed devices. You can delete, ignore or quarantine specific pieces of malware on specific devices, or apply these actions to multiple threats at once. See View and Manage Identified Malware for more details.
- Quarantined Files - Malware which has been quarantined by Xcitium Client Security on Windows, Mac and Linux devices. You can delete or restore quarantined items, or assign a trust rating to items. See View and Manage Quarantined Items for more details.
- Android Threat History - A log of all malicious items found on Android devices over time. See View Android Threat History for more details.
- Autorun Items - List of files that tried to modify Windows services, auto-start entries or scheduled tasks. See View and Manage Autorun Items for more details.

The 'Device List' screen displays the infection status of Android, Mac OS, Windows and Linux devices. From here you can:

- Run on-demand antivirus scans on selected devices
- Run file rating scans on Windows devices
- Choose the action to be taken on malware discovered by scans.
- Update the AV database on endpoints

Note: You can run virus scans on specific areas of a device and set up ongoing, scheduled scans. These tasks are configured in the 'Antivirus' section of the device's configuration profile. See:

Open the 'Device List':

- Click 'Security' > 'Endpoint Security' > 'Antivirus'
- Select the 'Device List' tab
  - Select a group to view only the devices in it

    Or
  - Select 'Show All' to view all devices enrolled to Xcitium

The list shows all Android, Windows, Mac OS and Linux devices along with their last scan details, infection status and antivirus database update state.

| Column Heading | Description |
|---|---|
| OS | The operating system of the device. |
| Name | The label of the device on which the threat was found. |
| Logged in User | The name of the user currently signed in to the device. |
| Antivirus DB State | The update status of the virus signature database on the device. |
| Antivirus DB Version | The version number of the virus signature database on the device. |
| Antivirus DB Date | The date and time at which the AV database was last updated. |
| Run By | The source that initiated the last scan. An antivirus scan or a file rating scan can be initiated in the following ways: |
| Scan Type | Indicates the kind of scan last run on the device. The possible types of scan are: |
| Scan State | Status of the last scan run on the device. Possible states are: |
| Scan Date | The date and time at which the last scan was run. |
| Malware Status | The infection status of the device. |
| Controls | |
| Scan | Run a manual scan on selected devices. See Run Antivirus and/or File Rating Scans on Devices for more details. |
| Stop Scan | Terminate any type of ongoing scan on selected devices. This includes on-demand scans run from the Xcitium console, scheduled scans run by the security profiles active on the device and any on-demand scan run by the local user from the Xcitium Client - Security (XCS) application on the device. See Run Antivirus and/or File Rating Scans on Devices for more details. |
| Protective Action | Remove, quarantine or ignore threats found on infected devices. See Handle Malware on Scanned Devices for more details. |
| Update Antivirus DB | Manually run a virus signature update on selected devices. See Update virus signature database on Windows, Mac OS and Linux Devices for more details. |
| Export | Save the device list, including current statuses, as a .csv file. The exported .csv is available in 'Dashboard' > 'Reports'. See Export the List of Devices for more details. |

The 'Antivirus' > 'Device List' interface allows you to:

Sorting, Search and Filter Options

- Click any column header except 'Antivirus DB version' to sort items in ascending/descending order
- Click the funnel icon on the right to filter items by various criteria.
- Start typing or select the search criteria in the search field to find a particular item and click 'Apply'
- To view all items again, clear any filters and search criteria and click 'Apply'.

Export device list records as a CSV file

- Click 'Security' > 'Endpoint Security' > 'Antivirus' > 'Device List'
- Click the funnel icon to filter which records are included in the report.
- Click the 'Export' button and choose 'Export to CSV'
- The .csv file will be available in 'Dashboard' > 'Reports'
- See Reports in The Dashboards for more details.
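
A triage pass over the exported device list, as an added example that is not part of the Xcitium documentation: it flags devices that are infected, have an unknown malware status, or have a stale signature database or last scan. The CSV header names are assumed to match the column headings in the table above; the timestamp format, age thresholds and sample rows are constructed assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

# Assumption: timestamp layout of the export; adjust to your actual file.
DATE_FMT = "%Y/%m/%d %H:%M:%S"

def parse_date(value):
    """Return a datetime, or None for a missing, empty or unparseable cell."""
    try:
        return datetime.strptime(value.strip(), DATE_FMT)
    except (ValueError, AttributeError):
        return None

def triage(csv_text, now, max_db_age_days=3, max_scan_age_days=7):
    """Return {device name: [reasons]} for devices that need attention.

    Header names are assumed to equal the console's column headings.
    """
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        reasons = []
        status = (row.get("Malware Status") or "").strip().lower()
        if status == "infected":
            reasons.append("infected")
        elif status != "clean":
            # Anything that is not explicitly clean is treated as unknown.
            reasons.append("malware status unknown")
        db_date = parse_date(row.get("Antivirus DB Date"))
        if db_date is None or now - db_date > timedelta(days=max_db_age_days):
            reasons.append("signature database stale or undated")
        scan_date = parse_date(row.get("Scan Date"))
        if scan_date is None or now - scan_date > timedelta(days=max_scan_age_days):
            reasons.append("no recent scan")
        if reasons:
            findings[row.get("Name") or "?"] = reasons
    return findings

# Constructed sample export (not real data).
SAMPLE = """OS,Name,Logged in User,Antivirus DB Date,Scan Date,Malware Status
Windows,WS-FIN-01,alice,2024/05/20 08:00:00,2024/05/19 22:00:00,Clean
Windows,WS-HR-07,bob,2024/05/20 08:00:00,2024/05/20 01:00:00,Infected
Linux,SRV-BUILD-02,,2024/04/02 10:30:00,2024/05/18 03:00:00,Clean
Mac OS,MB-DESIGN-03,carol,2024/05/19 09:00:00,,Unknown
"""

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE, datetime(2024, 5, 21)).items():
        print(f"{name}: {', '.join(reasons)}")
```

Devices with an empty or unparseable date are reported rather than skipped, so an endpoint that has never scanned or never updated does not pass as healthy.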