Protection Policy: General

The General dialog contains five configurable sections:

Settings

Enter a Policy Name. This should be a meaningful name to aid identification later. A naming convention can be useful as well.

Policy Naming Examples
Client1_Site2_no_encryption Client1_Site1_deep_scans_only
Client3_Site4_encrypted Client3_Site4_all_scans

End-User Interaction

Select whether the end-user can access the Managed Antivirus console on the local device. Tick the box against the required item to select.

  • Show Task Bar icon: When enabled the end-user can run manual scans as well as release and delete items from quarantine.
  • Show Notification: Display notification to the user include when a scan has started, if active protection blocks a threat, when definition files are updated etc.

See the Bitdefender Engine - Windows End-user Guide and Bitdefender Engine - Mac End-user Guide for full details of the end-user interfaces.

Quarantine

In addition to manually managing quarantine items via the dashboard, you can set Managed Antivirus to automatically Delete items from quarantine that are older 'X' day(s). Set the number of days and tick the box to enable this option.

Updating

The Managed Antivirus Agent regularly communicates with our servers to retrieve both threat definitions and engine updates.

MAV-BD Engine upgrades can be delayed by up to 10 days. When a delay is applied to the engine updates, the endpoint will not download the engine until after the delay period has expired and at this point the agents will take the engine update the next time they check into the definition servers regardless of the day or time. In addition to delaying the upgrade by a number of days, the update can also be scheduled to take place out of office hours - for example overnight or at weekends.

Threat Definitions

Enter the number of hours in Update threat definitions every n hour(s) and tick the box to apply. Threat definitions will update as soon as possible (when available) if this option is not enabled.

Engine Updates

Delaying engine updates does not delay threat definition updates. These will continue to update on their current schedule.

  • Force engine upgrade: allows you to set the behavior of the AV engine updates - from the drop-down menu choose whether to apply updates immediately or delayed up to 10 days.

When delaying the force engine update, two configuration options become available to control when the update takes place.

  • Only update engine on weekends:  option forces any engine updates to only install on a Saturday and Sunday. - enable this if you require AV engine updates to only install at weekends.
  • Only update engine overnight (9PM – 3AM): forces engine updates to only take place between 9PM and 3AM on days where engines updates are permitted.

These settings can be combined to only update the engine overnight at weekends:

  • Weekend: Enabled
  • Overnight: Enabled
  • Update every: 7 days

NOTE: - when selecting the Only update engine on weekends option, please ensure the number of days configured for Force engine upgrades after duration is long enough to cover weekends to ensure the engine update can take place.

At the foot of the Updating section, you will see an advisory message detailing the behavior of the engine updates as per the configuration you have set. Please ensure this description matches your intended setup.

Managed Antivirus Check Behavior

As communication is a key factor in successful endpoint protection, a failure is indicated where agent and dashboard communication is lost. You can choose to fail the Managed Antivirus Check if it has not checked-in to the dashboard within the specified threshold.

Select the length of inactivity from the drop-down to set the Managed Antivirus Check failure threshold:

  • 10 minutes
  • 15 minutes
  • 20 minutes
  • 25 minutes
  • Never fail check due to agent inactivity

The Agent's last check-in time appears in the Managed Antivirus Check along with the scan information.

You can also choose to fail the Managed Antivirus Check when there is an item in quarantine. Tick the box next to the option Fail MAV check when threat(s) present in quarantine to enable.

Laptops taken outside of the network may experience sporadic internet connections. To account for this scenario, theManaged Antivirus Check never fails for a laptop if the Managed Antivirus Agent does not check-in to the dashboard.

What do you want to do?