HI,
When virus and spyware scans detect a threat or SONAR detects a threat, Symantec Endpoint Protection places the files in the client computer's local Quarantine.
Table: Managing the Quarantine
|
Task
|
Description
|
|
Monitor files in the Quarantine
|
You should periodically check the quarantined files to prevent accumulating large numbers of files. Check the quarantined files when a new virus outbreak appears on the network.
Leave files with unknown infections in the Quarantine. When the client receives new definitions, it rescans the items in the Quarantine and might delete or repair the file.
|
|
Delete files in the Quarantine
|
You can delete a quarantined file if a backup exists or if you have a copy of the file from a trustworthy source.
You can delete a quarantined file directly on the infected computer or by using the Risk log in the Symantec Endpoint Protection console.
|
|
Configure how Symantec Endpoint Protection rescans items in the Quarantine when new definitions arrive
|
By default, Symantec Endpoint Protection rescans items in the Quarantine when new definitions arrive. It automatically repairs and restores items silently. Typically you should keep the default setting, but
|
|
Specify how clients submit information about quarantined items
|
Symantec Endpoint Protection lets users submit infected or suspicious files and related side effects to Symantec Security Response for further analysis. When users submit information, Symantec can refine its detection and repair.
You can enable signature-based detections in Quarantine to be forwarded from the local Quarantine to a Central Quarantine Server. Reputation detections in the local Quarantine cannot be sent to a Central Quarantine Server. You can configure the client to forward items if you use a Central Quarantine Server in your security network. The Central Quarantine Server can send the information to Symantec Security Response. Information that clients submit helps Symantec determine if a detected threat is real.
Files that are submitted to Symantec Security Response become the property of Symantec Corporation. In some cases, files may be shared with the antivirus community. If Symantec shares files, Symantec uses industry-standard encryption and may make data anonymous to help protect the integrity of the content and your privacy.
|
|
Manage the storage of quarantined files
|
By default, the Quarantine stores backup, repaired, and quarantined files in a default folder. It automatically deletes files after 30 days.
You can manage the storage of quarantined items in the following ways:
· Specify a local folder to store quarantined files.
You can use the default folder or a folder that you choose.
.
· Specify when files are automatically deleted.
The Quarantine automatically deletes files after a specified number of days. You can also configure the Quarantine to delete files when the folder where the files are stored reaches a specified size. You can configure the settings individually for repaired files, backup files, and quarantined files.
|
Regards
Ajin