How to set up the Local Scan feature of Endpoint Standard
1. Log in to Carbon Black Cloud Console then navigate to Enforce-> Policy page. 2. Select the policy that corresponds to the group of machines to configure the Local Scan. 3. Click on the Local Scan tab 4. With the correct policy selected, click on the "Scanner Config" drop-down to select one of these options:
Disabled - Turns the local AV Scan off for machines in the selected policy. If your organization uses a different Antivirus engine, this may be the best option for your organization.
Normal - Scans any new files when they execute for the first time. Old files that already existed on the machine before the sensor was installed will not be scanned. This is the default setting.
Aggressive - Scans all files when they execute for the first time.
5. Click on the "Save Settings" button to save your changes.
Local Scan Settings are not supported by the Linux or macOS Sensor (any version) or Windows Sensor versions prior to 2.0.x.x
Files will be assigned a reputation based on the scan outcome. If the scan identifies a malicious file, it will be flagged.