Expected behavior for remote file scanning with Endpoint Protection for Linux
Article ID: 172448
Updated On:
Products
Endpoint Protection
Issue/Introduction
Symantec Endpoint Protection for Linux (SEPFL) includes the option to 'Scan files on remote computers' for Auto-Protect/real time scans but not the other scan types. This may result in unexpected results.
Environment
Linux
Resolution
| Scan Type | Scan files on remote computers = Enabled | Scan files on remote computers = Disabled |
|---|---|---|
| Real Time Scan | Detects malicious files when accessed, modified, copied or altered. | Does not detect any malicious file. |
| Manual Scan | Detects malicious files when requested for scan. | Detects malicious files when requested for scan. |
| User Defined Scan | Detects malicious files when requested for scan. | Detects malicious files when requested for scan. |
| Scheduled Scan | Detects malicious files when requested for scan. | Detects malicious files when requested for scan. |
In the event a softlink that references a malicious file on a remote computer is present, Auto-Protect will detect and act on the malicious file while the option is enabled. When the option is disabled, Auto-Protect will leave the malicious file alone. Manually scanning the softlink results in the softlink being excluded.
Feedback
Yes
No
Powered by
