How to make On Access Scanner (real-time) exclusions more secure
技術的な記事 ID:
KB79589
最終更新: 1/23/2020
最終更新: 1/23/2020
How to make On Access Scanner (real-time) exclusions more secure
技術的な記事 ID:
KB79589
最終更新: 1/23/2020 環境概要
This article describes how an exclusion for real-time scanning can be created to apply only to specific processes rather than to all processes. The article also explains, in qualitative terms, the security benefits from using a refined exclusion versus a blanket exclusion.
解決策VirusScan's default configuration setting is to use a single scanning profile for all processes (called the Default profile). With the default, when you add an exclusion to this profile, you add that exclusion for all processes. This configuration might not be the ideal one for your installation or environment.
The amount of risk for the exclusions in these examples is impossible to quantify. But, the high and moderate qualitative assessments are provided as a guide. You can make the above exclusions much more secure by taking advantage of the additional scanning profiles that VirusScan has available. These profiles are called High-Risk Processes and Low-Risk Processes, plus you still have the Default profile. The actual names of these profiles are to help you understand their intended use. The details of their configuration are entirely under your control. When you choose to configure different scanning policies for high-risk, low-risk, and default processes, you expand VirusScan's ability to decide what to scan and what not to scan. You gain two more scanning profiles, which add flexibility to reduce the risk of having an exclusion. The profiles contain lists of process names. The Default profile has no list, which means any process not defined in the high risk or low risk list is treated as a member of the Default processes profile. You control what process names are members of each scanning profile; you can keep or delete the McAfee-defined profiles. Because each scanning profile has its own list of processes, you can configure the profiles to have their own scanning configuration. So, the scanning configuration applies to any file activity that members of that profile perform.
関連情報
See also:
影響を受ける製品言語:技術用語集 |
|