VMware VSHIELD MANAGER 4.1 - Manuel d'utilisateur télécharger pdf (Page 22)

9.2 Check that on-access scanning is working

On-access scanning is your main method of protection against threats.Whenever you copy, move,

or open a file, or start a program, the security VM scans the file or program and grants access to

it only if it does not pose a threat to your computer.

Important: Ensure that Sophos Anti-Virus for Windows is not installed on any guest VMs that

are protected with a security VM.

To check that a security VM is scanning files on access:

1. Go to eicar.org/86-0-Intended-use.html. Copy the EICAR test string to a new file. Give the file

a name with a .com extension and save it to one of the guest VMs.

2. Try to access the file from the guest VM.

3. In Sophos Enterprise Console, in the computer list in the lower right part of the window, click

the Status tab.

4. In the list of computers, look for the security VM. In the Alerts and errors column, Enterprise

Console should display Virus/spyware detected. It should also display that EICAR is

not cleanable.

5. Delete the EICAR file that you created.

Before you delete the EICAR file, you must stop vShield Endpoint Thin Agent on the affected

guest VM:

As an Administrator, in a Command Prompt window, type:

net stop vsepflt

To restart the agent after deleting EICAR, type:

net start vsepflt

6. In Enterprise Console, clear the alert.

a) In the computer list in the lower right part of the window, right-click the security VM and

select Resolve Alerts and Errors.

b) In the Resolve Alerts and Errors dialog box, on the Alerts tab, select the alert and click

Acknowledge.

Sophos Anti-Virus for VMware vShield

1 2 ... 17 18 19 20 21 22 23 24 25 26 27 ... 55 56

Pas de commentaire

VMware VSHIELD MANAGER 4.1 - Manuel d'utilisateur Page 22