I'm trying to fully understand how on-demand and on-access work, as well as how exclusions fit into the mix.
So if you think about these 3 things (ePO 5.3):
1. General tab: On-access scan (checkbox for "Enable on-access scanning")
2. Detections tab: Scan files (checkbox for "When writing to disk" and "When reading from disk")
3. Detections tab: What not to scan (any entries there)
How do these all play together or don't they?
*Isn't #2 like on-access scanning, but you can specify if both read/write?
*Is the "best practices", it talks about exclusions in some cases for on-access and others for on-demand. A bit confusing? I'm guessing you can't combine these? I guess I would have expected that I could specify, for example, on-demand exlcusions for file sytem/folder X, but also on-access exclusions for file system/folder Y.
*Based on how "featureless" the exclusions are (can't select on-demand or on-access exclusion), are they exclusions for both on-demand and on-access?
Correct yes they are offering scan configuration options
1) OAS is the always ON scanner - scanning Read/Writes - you can turn this on or off - all scanned/nothing scanned in OAS
2) You can have OAS turned on and then scan configure to scan ONLY reads or ONLY writes by removing whichever tick you wish.
3) Exclusions again you could have OAS on and scanning reads/writes but choose not to scan filetype extension or like database dir structure.
OAS and ODS configs are different.
For ODS - go into ePO Task Catalog - select product - on demand task - create a new task
This has its own configuration option for each task you create.