Antivirus Tasks - Introduction
- Click the 'Antivirus' tab on the CCS home-screen to open this interface.
- The tasks screen lets you run on-demand virus scans and configure scanner settings.
- You
can also set up a scan schedule, manage quarantined items, update
the virus database, and create a custom scan profile.
Background – How antivirus scans work
1. Files on the host are checked against the local virus database and Xcitium's master, cloud database.
- Note – Realtime scanning uses only local virus database.
2. Discovered malware is handled per the scanner settings. You can automatically quarantine threats, or have an alert shown which lets you choose what to do with each threat.
3. If the file's signature is not available in FLS, then the file is given an 'unknown' trust rating. Unknown files are submitted to Valkyrie for analysis if so configured in the Xcitium Enterprise profile.
- Verdict Cloud is Xcitium's online file rating system. It tests the runtime behavior of unknown files in order to identify those that are malicious.
- Note – You need to enable 'Enable Cloud Scanning' in settings to activate this feature.
4. Unknown files run normally until Valkyrie analysis is complete.
5. If Valkyrie finds that the file is malicious then it is added to the malware blacklist. CCS will flag the file as a virus on the next scan.
Tip: The logs area contains a record of all virus events, tasks, scans and configuration changes. Click 'More' > 'View Antivirus Events' to open it. See View Antivirus Events if you need help. |
The following sections explain about each task in detail: