The Endpoint Protection settings are based on the creation of profiles and groups of computers to which specific policies are assigned.
To configure a profile, go to Settings and select the Profiles option on the left menu.
To create a new profile, select Create new profile. To edit an existing profile, simply click it.
Profiles are made up of five sections: General, Antivirus, Firewall, Device Control, Exchange Servers and Web access control (the latter two options are only configurable for licensed customers of PCOP Advanced).
These sections are located on the left-hand side of the console once you have selected the profile to edit or create. The Exchange Servers section provides the following configuration options:
Here you can configure the antivirus protection for Exchange Server: enable/disable the mailbox and transport protections, specify the malicious software to detect, and enable/disable the intelligent mailbox scanning.
- Enable mailbox protection: This option lets administrators enable/disable scanning of MAPI email traffic (internal emails).
- Enable transport protection: This option lets administrators enable/disable scanning of POP3/SMTP email traffic (mainly external emails).
Note: When you select any of these options, the system will automatically exclude a series of files and folders from the file protection as recommended by Microsoft for Exchange servers.
- Malicious software to detect: This option lets administrators select the types of malware to be detected by the permanent protection:
- Viruses (viruses are always scanned for, virus detection cannot be disabled).
- Hacking tools and potentially unwanted applications.
- Suspicious items.
- Intelligent mailbox scan. You can only enable these background scans provided the mailbox protection is also enabled. This scan type is not controlled by the user, that is, the scan is enabled but is not constantly scanning mailboxes like on-demand scans. It is the Exchange Server that passes items to the protection for scanning purposes when the computer is idle.
This section lets you enable/disable the anti-spam protection as well as whitelist and blacklist email addresses and domains.
The anti-spam section provides the following configuration options:
- Detect spam: This option lets administrators enable/disable the anti-spam protection.
- Action for spam messages: The following actions are available:
- Let the message through
- Move the message to a specified email address
- Delete the message
- Flag with SCL (Spam Confidence Level)
- Allowed addresses and domains: Any emails coming from the listed addresses or domains will not be scanned.
- Spam addresses and domains: Any emails coming from the listed addresses or domains will be considered spam.