Adjusting scans to increase protection on your client computers

Symantec Endpoint Protection
provides a high level of security by default. You can increase the protection even more.
The settings are different for clients that run on Windows computers and clients that run on Mac and Linux computers.
If you increase the protection on your client computers, you might affect computer performance.
Adjusting scans to increase protection on Windows computers
Task
Description
Lock scan settings
Some settings are locked by default; you can lock additional settings so that users cannot change the protection on their computers.
Modify settings for administrator-defined scans
You should check or modify the following options:
  • Scan performance
    Set the scan tuning to
    Best Scan Performance
    . The setting, however, might affect your client computer performance. Scans run even if the computer is not idle.
  • Scheduled scan duration
    By default, scheduled scans run until the specified time interval expires and then resume when the client computer is idle. You can set the scan duration to
    Scan until finished
    .
  • Make sure that Insight Lookup is enabled. If you disable Insight lookups, cloud protection is completely disabled. Scheduled and on-demand scans always use the cloud to evaluate portal files. Auto-Protect also uses the cloud to evaluate portal files.
For more information, see:
Specify stronger scan detection actions
Specify
Quarantine
,
Delete
, or
Terminate
actions for detections.
Be careful when you use
Delete
or
Terminate
for security risk detections. The action might cause some legitimate applications to lose functionality.
For more information, see:
Increase the level of Bloodhound protection
Bloodhound locates and isolates the logical regions of a file to detect virus-like behavior. You can change the detection level from
Automatic
to
Aggressive
to increase the protection on your computers. The
Aggressive
setting, however, is likely to produce more false positives. See:
Adjust Auto-Protect settings
You can change the following options:
  • File cache
    You can disable the file cache so that Auto-Protect rescans good files.
  • Network settings
    By default, files on network drives are scanned only when they are executed.
For more information, see:
Adjusting scans to increase protection on Mac and Linux computers
Task
Description
Modify compressed file options for scans
The default is to scan 3 levels deep in compressed files. To increase protection, leave it at 3 levels, or change it to 3 if it is at a lower level. See:
Lock Auto-Protect settings
Some settings are locked by default; you can lock additional settings so that users cannot change the protection on their computers. On the Mac client and the Linux client, you can click
Enable Auto-Protect
, and then click the lock icon to lock the setting. See:
Specify stronger scan detection actions
Specify
Quarantine
or
Delete
(Linux only) actions for detections.
As of 14.3 RU1, configuring the actions for detections is deprecated for the Linux client.
Be careful when you use
Delete
for security risk detections. The action might cause some legitimate applications to lose functionality.
For more information, see: