# Policies (Windows)

## What is a Policy?

A Policy configuration can control **Application Updates**, **Application Version Freezing**, **Application Shortcuts**, **Windows Updates**, and **Anti-Virus Scans**.

The tables below describe the configurable features and settings for [Applications](#applications), [Windows Updates](#windows-updates), and [Anti-Virus](#anti-virus) settings within Policies.

Policies are used to automate, schedule, or version freeze application updates. Multiple Policies can be created and assigned to different groups of computers.

## Applications

| Application Policy Configuration Options | Description                                                                                                                 |
| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
| Automatic Update                         | Update the application whenever an update is available.                                                                     |
| Manual Update                            | Do not automatically update the application.                                                                                |
| Schedule Update                          | Set a time and date to run an application update.                                                                           |
| Version Freeze                           | Prevent any further updates from being downloaded and installed for this application.                                       |
| Disable Shortcuts                        | Shortcuts will no longer be useable, but the application can still be accessed via the Windows Start Menu and File Manager. |
| Disable Auto Update                      | Prevent automatic updates from being performed on the application.                                                          |

{% hint style="info" %}
Some updates cannot be managed by Policies. These can be managed manually under the columns '**Others**' and '**Uncategorized**'.
{% endhint %}

## Windows Updates

Windows Updates can be installed manually or automatically. This is configured in your Policy. If, for example, you do not want Faronics Deploy to automatically download and install the updates, check the **Do not manage windows updates** box.

Automatic updates are listed by type, with the option to select **Automatic Install**, set the **"Automatically Install" Deferral** (the number of deferral days for the Automatic Install; 0 days is the default), or set the update to be **Denied**.

### Windows Updates Configuration

| Windows Updates Configuration    | Description                                                          |
| -------------------------------- | -------------------------------------------------------------------- |
| Do Not Manage Windows Updates    | Choose this if you don't want to update Windows via Faronics Deploy. |
| Automatic Install                | Allow Faronics Deploy to handle the Windows Updates automatically.   |
| "Automatically Install" Deferral | The number of days that the user can delay a Windows Update.         |
| Denied                           | Prevent individual updates from being installed.                     |

### Global Settings for All Windows Updates

| Settings for all Windows Updates                             | Description                                                                                                                                          |
| ------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| Allow user to defer reboot (if required) up to 5 times       | Delay a system reboot post update from 0-5 times.                                                                                                    |
| Force auto reboot prior to installation if user is logged in | If selected and if the user is logged in, a system reboot will be mandatory before installing any Windows Updates.                                   |
| Download and keep Windows Update ready when available        | If selected, when an update becomes available, it will be downloaded and ready to install regardless of the update being set to automatic or manual. |
| Patch Scan Frequency                                         | Select how often to check for Windows patches: every 6, 12, or 24 hours.                                                                             |

### Windows 10 Additional Settings

| Windows 10 Additional Settings    | Description                                                                                                                                                                                                                                                         |
| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Choose When Updates are Installed | <p>Choose the branch readiness level to determine when feature updates are installed. </p><p><strong>Semi Annual Channel (Targeted)</strong> - Ready for most people. </p><p><strong>Semi Annual Channel</strong> -  Ready for widespread use in organizations.</p> |
| Feature Update Deferral           | A feature update includes new capabilities and improvements. You can choose how many days you would like to defer it, up to 365 days.                                                                                                                               |
| Quality Update Deferral           | A quality update includes security improvements. You can choose how many days you would like to defer it, up to 30 days.                                                                                                                                            |

## Anti-Virus

Anti-Virus can be enabled/disabled and configured in the Policy.

{% hint style="info" %}
Anti-Virus is an add-on that requires a license that is not included with the Faronics Deploy license. See [Setup User Profile and Organization Setting](https://docs.faronics.com/faronicsdeploy/get-started-1/quick-start/pre-requisites/setup-profile#2-license-details).
{% endhint %}

### Anti-Virus Settings

| Anti-Virus Settings      | Options                                    | Description                                                                                                                                                                                                 |
| ------------------------ | ------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Enable Active Protection |                                            | Activate real-time protection for all computers using this Policy. Note: Make sure no real-time protection software is running on the computers. This includes third-party antivirus applications.          |
|                          | Allow user to switch off Active Protection | User can disable the active protection.                                                                                                                                                                     |
|                          | Show Active Protection Alert               | Display the active protection alert when a real-time scan issue occurs.                                                                                                                                     |

#### Cleanup Action

| Cleanup Action                          | Options          | Description                                                                              |
| --------------------------------------- | ---------------- | ---------------------------------------------------------------------------------------- |
| Default Action for Infected Files       | Clean/Quarantine | When a threat is detected, attempt to disinfect the file and quarantine if unsuccessful. |
|                                         | Clean/Delete     | When a threat is detected, attempt to disinfect the file and delete it if unsuccessful.  |
| Delete items from Quarantine older than | number of days   | Enter the number of days after which to delete files from quarantine, between 1 and 365. |

#### Scan Schedule

Enable or disable the Quick Scan and Deep Scan here. Each schedule can also be edited to configure the Start time, when to Stop (when the scan is complete or at a specified time), and the days of the week on which to run the scan. To configure a scan schedule, select the edit option to the right of it.

| Scan Schedule Settings | Options                | Description                                     |
| ---------------------- | ---------------------- | ----------------------------------------------- |
| Enable                 | Disable by unchecking  | Check the box to enable the Scan Configuration. |
| Start                  |                        | Time at which the scheduled scan will begin.    |
| Stop                   | When scan is complete. | Allow the scan to finish completely.            |
|                        | At specified time.     | Stop the scan at a specific time.               |
| Days of the week       |                        | Set the days of the week for the scan to run.   |

#### Scan Options

| Scan Options                                      | Options                                                      | Description                                                                                                   |
| ------------------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------- |
| Randomize schedule scan start time by (2) minutes |                                                              | Set the number of minutes by which to randomly change the virus scan start time. Default is set to 2 minutes. |
| If scan is missed                                 | Do not perform quick scan.                                   | Skip the quick scan.                                                                                          |
|                                                   | Perform quick scan approximately (5) minutes after start-up. | Start the quick scan at the specified interval after starting up the computer. Default is set to 5 minutes.   |
|                                                   | Prompt user to perform quick scan.                           | Alert the user that the scan was missed and suggest performing the scan now.                                  |

#### Advanced Options

| Advanced Options         | Description                                                                                                                                                         |
| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Enable rootkit detection | Detect malware toolkits (rootkits) when scanning. Available for Deep System and Custom configuration only. Deep system scan is enabled by default.                  |
| Scan inside of archives  | Scan the contents of archive files (e.g., .zip, .tar files). Available for Deep System and Custom configuration only. A file size limit can be set; the default is 100MB. |
| Exclude removable drives | Don't scan external hard drives in the scan. Only available for Deep System scans.                                                                                  |
| Scan registry            | Include the registry of the system in the scan. Available for Quick, Deep System, and Custom scans. Quick and Deep system scans are enabled by default.             |
| Scan running processes   | Include processes that are running in the scan. Available for Quick, Deep, and Custom scans. Quick and Deep system scans are enabled by default.                    |

#### Scan Exception

Specify the files or folders that are known to be safe. Faronics Anti-Virus will not report files or folders added here as malicious or infected. The list displays the items that will not be reported as a virus.

#### USB Devices

| USB Devices                    | Options                                                                                                                                                                 | Description                                                                               |
| ------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------- |
| Scan USB drives Upon Insertion | Interrupt active scan for USB scan (please note the interrupted scan will not resume).                                                                                  | Stop a scan that is being performed when a USB drive gets inserted into a machine.        |
|                                | Do not perform a scan if another scan is in progress (the USB device will not be scanned automatically and must be scanned manually once the ongoing scan is complete). | Don't interrupt a scan that is already running, regardless of whether a USB drive gets inserted. |
|                                | Suppress USB scan in progress dialogue                                                                                                                                  | Enable/Disable this to hide or include USB scan in the progress dialogue.                 |

#### Remove Anti-Virus

Remove Anti-Virus from all computers on this Policy.

### Firewall Settings and Rules

#### Firewall Protection Settings

| Firewall Protection Settings | Options                         | Description                                                                                      |
| ---------------------------- | ------------------------------- | ------------------------------------------------------------------------------------------------ |
| Enable Firewall Protection   |                                 | Firewall protection prevents hackers or malicious software from gaining access to your computer. |
|                              | Allow user to disable firewall. | Checking this box disables the firewall.                                                         |
|                              | Enable firewall logging.        | Checking this box enables logs to be generated and stored by the firewall.                       |

#### Program Rules

Program Rules define the action taken by the firewall on the network activity to and from the application. Program Rules have priority over the default rules. Default rules can be edited but cannot be deleted.

#### Network Rules

Network Rules define the action taken by the firewall on the network activity. Network Rules can be edited but cannot be deleted.

#### Advanced Rules

Advanced Rules are processed in the order in which they are listed. Pre-defined Advanced Rules are generated for you. Any user-defined Advanced Rules will take precedence over the Pre-defined Advanced Rules.

#### Trusted Zones

Trusted Zones specify computers, networks, and IP addresses that are safe. Trusted Zone and Internet (Non-Trusted) can be treated differently by Application and Network Rules.

### Computer Settings

#### User Action

| User Action       | Options                                    | Description                                                                              |
| ----------------- | ------------------------------------------ | ---------------------------------------------------------------------------------------- |
| Show taskbar icon |                                            | Display the Anti-Virus taskbar icon if selected.                                         |
|                   | Allow manual scanning                      | Provides the user with the option to manually scan for viruses if selected.              |
|                   | Allow user to take action on scan results  | Provides the user with the option to take action on the scan results if selected.        |
|                   | Allow user to abort scan initiated locally | Provides the user the option to stop a scan that is running from their computer locally. |

#### Cache Server

| Cache Server                | Options     | Description                                                                                                                                    |
| --------------------------- | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------- |
| Use Anti-Virus Cache Server |             | Enable at least one computer as an AV cache server from the Control Grid Action Toolbar to enable the Faronics Deploy Anti-Virus Cache Server. |
|                             | Server Name | Select the name of the computer which will become the Faronics Deploy Anti-Virus Cache Server.                                                 |
|                             | Server IP   | Enter the IP Address of the server which will become the Faronics Deploy Anti-Virus Cache Server.                                              |

#### Windows Security Center

| Windows Security Center                | Description                                                                         |
| -------------------------------------- | ----------------------------------------------------------------------------------- |
| Integrate Into Windows Security Center | Allow the Faronics Deploy Anti-Virus to integrate with the Windows Security Center. |

#### Log Actions

| Log Actions | Description                             |
| ----------- | --------------------------------------- |
| Enable      | Allow Deploy Anti-Virus to generate logs. |

