Scheduling an antimalware scan task in GravityZone
Aside from configuring the Antimalware module in the policy settings, you can run scans at any time on any managed endpoints by using the corresponding task in the Network page. For more details about the Scan task, refer to Malware scan
This section describes how to define a scheduled antimalware scan task from GravityZone Control Center via security policies.
With GravityZone Control Center, you can run anytime an antimalware scan on specific endpoints in your network, using the Tasks > Scan command from the Network page.
At the same time, you can configure a recurrent scan task to run automatically on target endpoints at a scheduled interval via the policy applied to these endpoints.
The following procedure explains how to schedule a scan task using the GravityZone policies.
Login to GravityZone Control Center using an account with Manage Networks rights.
Go to the Policies page.
Click the policy you want to edit (or create a new one). The policy must be applied to the endpoints where you want to run the scheduled scan.
In the policy settings, go to Antimalware > On Demand.
Under Scan Tasks, click Add and select the scan type that you want.
Note
You can run the following types of antimalware scan:
Quick Scan, which uses in-the-cloud scanning to detect malware running in the system. Running a quick scan usually takes less than a minute and uses a fraction of the system resources needed by a regular virus scan.
Full Scan checks the entire endpoint for all types of malware threatening its security, such as viruses, spyware, adware, rootkits and others.
Custom Scan allows you to choose the specific locations to be scanned and to configure the scan options.
Network Scan is a type of custom scan, which allows assigning one endpoint to scan network drives, then configuring the scan options and the specific locations to be scanned. For network scan tasks, you need to enter the credentials of a user account with read/write permissions on the target network drives, for the security agent to be able to access and take actions on these network drives.
Configure the scan task options as you want. To send the scan task recurrently to target endpoints, go to General tab > Scheduler section and configure the following settings:
Start date and time. Specify the time when the scan task starts.
Note
The scheduled scan will run at the target endpoint local time. For example, if the scheduled scan is set to start at 6:00 PM and the endpoint is in a different timezone than Control Center, the scanning will start at 6:00 PM (endpoint time).
Define the scan recurrence interval, by choosing one of the following options:
Specify the recurrence frequency and period (hour, day or week), starting with the specified time and date.
For example, the task will run every 2 days, starting from October 5 at 00:30.
Specify a weekly scan by selecting at least one day of the week when the scan task will run.
Optionally, you can specify what happens when the scan task could not start at the scheduled time (endpoint was offline or shutdown). Use the option If scheduled run time is missed, run task as soon as possible according to your needs:
When you leave the option unchecked, the scan task will attempt to run again at the next scheduled time.
When you select the option, you force the scan to run as soon as possible. To fine-tune the best timing for the scan runtime and avoid disturbing the user during the work hours, select Skip if next scheduled scan is due to start in less than, then specify the interval that you want.
Click Save to create the scan task.
Save the policy to apply the settings to target endpoints.
Note
Endpoints must be powered-on when the schedule is due. A scheduled scan will not run when due if the machine is turned off, hibernating or in sleep mode. In such situations, the scan will be postponed until next time.
The scanning is performed silently in the background, regardless the user is logged in the system or not.
Though not mandatory, it is recommended to schedule a comprehensive system scan to run weekly on all endpoints. Scanning endpoints regularly is a proactive security measure that can help detect and block malware that might evade real-time protection features.