Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 5323 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Assign workstations in a single group to individual Anti-Virus policies

KausticRage

Hello,

We are just starting a 30 day trial/test and I had a question regarding scheduled scan policies.  I was wondering if its possible to assign individual workstations in a group to different Anti-virus policies...

I.e....

Workstations group - WorkstationA and WorkstationB assigned to the group

Anti-virus and HIPS Policies:

Policy1 which does a scheduled scan at 11am weekly

Policy2 which does a scheduled scan at 1pm weekly

I want to be able to place both machines in a single group and assign each one to a different Anti-virus scan policy.  The reason for this is we don't have to shoot off a scan of all our workstations at the same and would like to scan groups of PC's in blocks (when departments are out to lunch or gone for the day) at certain times without having to create sub-groups since they will share all other policies.

Is something like this possible?

:40615


This thread was automatically locked due to age.
Parents
  • 0

    Hello KausticRage,

    if your CIO is content with a Full System scan (you can't explicitly set the options, Authorizations, Extensions and Exclusions are taken from the group's AV&HIPS policy, otherwise the scheduled scan defaults apply) you could perhaps (ab)use the Sophos Virtualization Scan Controller. It is not intended for this purpose, not integrated with the console and doesn't provide a GUI for configuration. In other words - you don't see in SEC which schedule is set for a computer, you have to edit the configuration (but this could be scripted) when a computer is added or moved to a different group and, frankly, I don't know if it works as I haven't tested it. 

    OTOH - unless you intend to regularly update authorizations and/or exclusions the AV&HIPS policies (like most other policies) are static, thus having one policy for each distinct AV/schedule combination. Of course it depends on the complexity of your environment and setup.  

    Christian

    :40657
Reply
  • 0

    Hello KausticRage,

    if your CIO is content with a Full System scan (you can't explicitly set the options, Authorizations, Extensions and Exclusions are taken from the group's AV&HIPS policy, otherwise the scheduled scan defaults apply) you could perhaps (ab)use the Sophos Virtualization Scan Controller. It is not intended for this purpose, not integrated with the console and doesn't provide a GUI for configuration. In other words - you don't see in SEC which schedule is set for a computer, you have to edit the configuration (but this could be scripted) when a computer is added or moved to a different group and, frankly, I don't know if it works as I haven't tested it. 

    OTOH - unless you intend to regularly update authorizations and/or exclusions the AV&HIPS policies (like most other policies) are static, thus having one policy for each distinct AV/schedule combination. Of course it depends on the complexity of your environment and setup.  

    Christian

    :40657
Children
No Data