How to Enable Remediation Options

book

Article ID: 177823

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Remediation options: Their requirements and use.

Symptoms
SEP client is unable to remove a threat or risk or to make repairs because of Policy configuration.


Cause

The SEP client must terminate a process to remove a threat or risk, or to make repairs.

Resolution

If these remediation options are enabled, the SEP client will automatically take the necessary actions without notifying users.

Remediation options

Option
Description
Back up the file before attempting to repairBacks up the infected file before repairing it

By default, this option is enabled. The original virus-infected file is encrypted and then copied into the Quarantine directory. If you need, you can use this unrepaired backup file to return the file to its original, but infected state.

Note:
If you disable this option, files that contain viruses are not backed up before repairs are tried.

This setting applies only to virus-infected files. For security risks, if the action you have configured is Delete risk, no backup files are created. If the action that you configure is Quarantine risk, the security risk files are always backed up, regardless of this setting.

Terminate processes automaticallyEnables or disables notifications on infected computers when the client must terminate a process to remove or repair a risk.

If this option is enabled, the client automatically takes the necessary action without notifying users.

Note:
Users are always notified when a restart is required. They are allowed to save data and close open applications or to opt out of the restart.

Stop services automaticallyEnables or disables notifications on infected computers when the client must stop a service to remove or repair a risk

If this option is enabled, the client automatically takes the necessary action without notifying users.

Note:
Users are always notified when a restart is required. They are allowed to save data and close open applications or to opt out of the restart.

How To Enable Remediation for Scheduled Scans
1) Open Symantec Endpoint Protection Manager
2) Click on Policies
3) Select and Edit AntiVirus and Antispyware Policy
4) Select Administrator Defined Scans and Select a Scheduled Scan
5) Click Edit
6) Click on the Actions Tab
7) Below Select Remediation and Select which ever required
8) Click OK


How To Enable Remediation for File System Auto-protect
1) Open Symantec Endpoint Protection Manager
2) Click on Policies
3) Select and Edit AntiVirus and Antispyware Policy
4) Select File System Auto-Protect
5) Click on the Actions Tab
6) Below Select Remediation and Select which ever required
7) Click OK


Note : If making changes in Policy creates additional issues, revert to the Default settings.