Real-time file system protection

Real-time file system protection controls all antivirus-related events in the system. All files are scanned for malicious code when they are opened, created, or run on your computer. By default, Real-time file system protection launches at system start-up and provides uninterrupted scanning.


note

Real-time file system protection does not scan the content of archive files. It scans the content of certain self-extracting archives when downloaded to the hard drive.

In exceptional cases (for example, if there is a conflict with another real-time scanner), real-time protection can be disabled:

1.In ESET PROTECT, click Policies > New policy and type a name for the policy.

2.Click Settings and select ESET Endpoint for Linux (V7+) from the drop-down menu.

3.Click Detection engine > Real-time file system protection > Basic.

4.Disable Enable Real-time file system protection.

5.Click Continue > Assign, select the desired group of computers the policy will apply to.

6.Click OK, then click Finish.

Media to scan

By default, all types of media are scanned for potential threats:

Local drives - Controls all system hard drives.

Removable media - Controls CD/DVD's, USB storage, Bluetooth devices, etc.

Network drives - Scans all mapped drives.

We recommend that you use default settings and only modify them in specific cases, such as when scanning certain media significantly slows data transfers.

Scan on

By default, all files are scanned upon opening, creation, or execution. We recommend that you keep these default settings, as they provide the maximum level of real-time protection for your computer:

File open - Enables or disables scanning when files are opened.

File creation - Enables or disables scanning when files are created.

Removable media access - Enables or disables automatic scan of removable media when connecting to the computer.

Real-time file system protection checks all types of media and is triggered by various system events such as accessing a file. Using ThreatSense technology detection methods (as described in the section of ThreatSense parameters), Real-time file system protection can be configured to treat newly created files differently than existing files. For example, you can configure Real-time file system protection to more closely monitor newly created files.

To ensure a minimal system footprint when using real-time protection, files that have already been scanned are not scanned repeatedly (unless modified). Files are scanned again immediately after each detection engine database update. This behavior is controlled using Smart optimization. If Smart optimization is disabled, all files are scanned each time they are accessed. To modify this setting, use ESET PROTECT:

1.In ESET PROTECT, click Policies > New policy and type a name for the policy.

2.Click Settings and select ESET Endpoint for Linux (V7+) from the drop-down menu.

3.Click Detection engine > Real-time file system protection > ThreatSense parameters.

4.Enable or disable Enable Smart optimization.

5.Click Continue > Assign, select the desired group of computers the policy will apply to.

6.Click OK, then click Finish.