Scan Settings

Configure the scan settings and file scan of V3 Net for Linux Server. It scans the file server on which the V3 Net for Linux Server is installed for malware.

Note

Agents with V3 Net for Linux Server installed run only V3 Net for Linux Server policies and Real-Time San commands.

To configure the Real-time Scan settings:

1. Click Policy on the top.
2. Select the Security Program Policy tab.
3. Click Add > Anti-Malware Policy > V3 Net for Linux Server.
4. To configure the scan settings, go to Scan Settings > Real-Time Scan, and specify the following fields:

• Enable Real-time Scan: Select the check box to scan the vulnerable system areas in real-time.
• Automatic restart after real-time scan ends: Choose the time to automatically restart when real-time scan function ends. The restart time can be selected among Restart after 10 mins, Restart after 30 mins, and restart after 60 mins, and the real-time scan will restart after the selected time has elapsed.
• Mode: Select the mode of Real-time Scan. You can select user mode or kernel mode. Real-Time Scan mode works only with the OS kernel version that can support both user/kernel mode.
• User Mode: Monitors file events at the application level.
• Kernel Mode: Monitors file events using the file filter driver of Linux Kernel Module.
• Enable NFS Real-Time Scan: Set whether to use NFS Real-time Scan. If you select NFS Real-time scan, malicious code in the NFS directory is detected.

5. Select whether to scan the most vulnerable areas or not.

• CPU Usage: Set the CPU usage. You can select High, Medium or Low.

6. Select whether to use CPU Usage Monitoring. When you enable this option, the system records logs if the CPU usage persists for a set amount of time.

• Set CPU usage: Set the CPU usage. (Available: 10-90%, Default: 30)
• Duration: Set the duration. (Available: 1-30 mins, Default: 10)
• Disable Real-Time Scan Off if CPU usage exceeds the threshold: If CPU usage has exceeded the threshold and duration set by the admin, Real-Time Scan is terminated.

7. Specify the repair process when a security threat is detected.

• Send the infected file to Quarantine before repairing or removing: Enable this option to send the infected file to Quarantine of V3 Net for Linux/Unix before repairing or removing. The file sent to the quarantine is kept in a non-executable form.
• Malware: Set the malware repair method.
• Repair: Repair the infected files if possible. If it's not possible to repair, delete the file.
• Ignore: Leaves the infected file.
• Running Infected Files: Set how to repair the infected file, if it's running.
• Repair while running: Repair the running infected file without forcefully terminating it.
• Force stop and repair: Repair after forcefully killing the running file.

8. After configuration, click Save. If you want to get back to the default settings, click Default.
9. When the <Add Policy> window appears, select a target to apply the policy.
10. When a confirming message appears, click OK.

To configure the File Scan settings:

1. Click Policy on the top.
2. Select the Security Program Policy tab.
3. Click Add > Anti-Malware Policy > V3 Net for Linux Server.
4. To configure the scan settings, go to Scan Settings > File Scan, and specify the following fields:

• Scan Targets
• All files: Scans all available files.
• Vulnerable files only: Scans vulnerable files such as exe, macro and script files.
• Scan files with following extensions: Select the check box to scan files with admin specified extensions. To separate extensions, use / between. You can enter up to 256 characters. (E.g. dat/tmp/dbx/ttf)
• Scan compressed files: Scans compressed files.
• Repair Method
• Repair immediately: Automatically repairs the infected files.
• Send the infected file to Quarantine before repairing: Send the infected files to Quarantine.
• Malware
• Ignore: Leave the infected file without repairing.
• Repair: Repair the infected file only when it is possible. If it is not possible to repair the file, V3 will delete the file.
• Delete: Delete the infected file without repairing.
• Infected Compressed File
• Ignore: Leave the infected file without repairing.
• Delete: Delete the infected file without repairing.

5. After configuration, click Save. If you want to get back to the default settings, click Default.
6. When the <Add Policy> window appears, select a target to apply the policy.
7. When a confirming message appears, click OK.