Configure an On-Demand Scan policy (Quick Scan)

Configure an On-Demand Quick Scan policy settings for your managed systems.

For details about product features, usage, and best practices, click ? or Help.

Task

  1. Log on to the McAfee ePO server as an administrator.
  2. From the Policy Catalog, select Endpoint Security Threat Prevention as the product, then select On-Demand Scan as the category.
  3. Click New Policy, type a name for the policy, then click OK.
  4. Click the policy that you created, click the Quick Scan tab, then define these settings.
    In... Configure...
    What to Scan
    • Compressed MIME-encoded files — Detects, decodes, and scans Multipurpose Internet Mail Extensions (MIME) encoded files.
    • Compressed archive files — Scans the contents of compressed archive files.
      CAUTION: Scanning compressed archive files requires additional time.
    Additional Scan Locations
    • Detect unwanted programs — Detects unwanted programs.
    • Detect unknown program threats — Detects files that contain code resembling malware.
    • Detect unknown macro threats — Detects unknown macro threats.
    Scan Locations
    • Scan subfolders — Examines all subfolders in the specified volumes when any of these options are selected.
      • Home folder
      • Temp folder
      • File or folder
      • All mapped drives

    Select the directory from the Specify locations drop-down list. You can add directories by clicking . Click to remove the directory from scanning.

    File Types to Scan
    • All files — Scans all files regardless of extension.
      Tip: Best Practice: Enable All files to make sure that no malware threat resides in your managed system.
    • Default and specified file types — Scans files with extensions defined in the software and extensions you specify.

      For the list of default files that are scanned when Default and Specified file types option is selected, see McAfee KnowledgeBase article KB79626.

    • Scan for macros — Enables scanning for macros in all files.
    • Specified file types only — Scans only files with extensions that you specify. Select All files with no extension to scan files that contains no extension.
    McAfee GTI
    • Enable McAfee GTI — Enables McAfee GTI, a heuristic network check for suspicious files.
    Exclusions

    In the Exclusions section, click

    • Add — To add files to the exclusion list.
    • Edit — To edit the exclusion settings.
    • Delete — To remove the selected item from the exclusion list.
    • Clear All — To remove all items from the exclusion list.

    For more information on configuring exclusions, see Exclude files or directories from scanning.

    Actions

    In Threat detection first response:

    • Continue scanning — Continues scanning files when a threat is detected. The scanner doesn't move items to the quarantine.
    • Clean files — Removes the threat from the detected file.
    • Delete files — Deletes the file that contains malware.

    You can also configure a secondary response using the If first response fails option, in case the primary response is unsuccessful.

    In Unwanted program first response:

    • Continue scanning — Continues scanning files when a threat is detected. The scanner doesn't move items to the quarantine.
    • Clean files — Removes the threat from the detected file.
    • Delete files — Deletes the file that contains malware.

    You can also configure a secondary response using the If first response fails option, in case the primary response is unsuccessful.

    Performance
    • Use the scan cache — Enables the scanner to use the existing clean scan results.
    • Specify maximum number of seconds for each file scan — Limits each file scan to the specified number of seconds. The default value is 45 seconds, and this option is enabled by default. If a scan exceeds the time limit, the scan stops cleanly and logs a message.
    • Specify maximum number of threads allowed — Limits the number of on-demand scan threads that can run simultaneously.
  5. Click Save.
    For scheduling the task, see the product guide of your version of McAfee ePO.
    Note: McAfee Endpoint Security for Linux does not support the Right-Click Scan option.