Showing results for 
Show  only  | Search instead for 
Did you mean: 

How important to scan regularly?

Hi all, 

it may sound silly but I have a question regarding scheduled scan on users’ machines.

We have VSE8.7i on all users machines and scheduled a weekly scan every Thursday at 1230,

It’s set to scan all files, and only use 10% of resources and it’s been set up like this for many years.

I think it’s schedule to run on Thursdays because MccAfee used to release new DAT file every Thursday before.

Anyhow, some user mentioned the performance drop of their PC during the scan,

and CIO decided to disable this weekly scan for the following reasons;

·         WebSense web filter stops threat from the Internet

·         WebSense hosted Email security stops threat coming

·         GroupShield on Exchange as well as the WebSense hosted Email security

·         And VirusScan on all servers and PCs

·         Therefore, in theory all entrance are protected.

·         Weekly scan doesn’t prevent infection

I can see how he came up with this idea and I have no reason other than “just for precaution” to keep the scheduled scan.

Do you think scheduled scan is not important in corporate envirouinmet providing DAT and Engine are kept up-to-date?

If it is important to keep the scheduled scan, what would be the possible scenario we should consider?

Any advise is much appreciated.


8 Replies

Re: How important to scan regularly?

Hi mandara,

McAfee releases DAT updates daily and now with the integration of the Global Threat Intelligence(Artemis), You are better protected from Zero day threats. I would reckon that it is important for you to have a scheduled scan.

You might want to schedule your scan at such times when the users are not working on the computer or on the weekends if your computers are left switched on. That way, you wil be sure to have the scans completed and not have the users feel the performance blues.

Thank you


Level 9
Report Inappropriate Content
Message 3 of 9

Re: How important to scan regularly?


Although the attack vectors your CIO stated are true and covered for "known" malware, what he is missing is the scenario where devices become infected with "zero-day" exploits (exploits where there is no signature for yet). Artemis is a step in the right direction for those "zero-days" but there is still a window where a device could have some "badness" dropped on the machine. With that said, the only time the malware would get detected would after McAfee releases a signature and then you would need to access the malware or read it into memory for OAS to pick it up. Running a full ODS would be the best option to pick up the malware that might now be detected by the new signature. Hence, I would recommend a full ODS at least once a week for desktop devices, maybe once a month for servers an possibly more frequently for mobile type devices such as laptops and tablets which tend to travel beyond the protection of the corporate controls.

I hope this helps,


Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 9

Re: How important to scan regularly?

I can give you a lovely scenario to go with this one...

You drop scheduled scans

Mcafee bring online detection for a threat thats been going on for a while but you havn't yet had detection for (happens all the time)

Your machines spend the next 2 days grinding to a halt (as does your epo server) with the huge amount of generated events (even with throttling)

You end up having to scan at more active times to try and clear the newly detectable threat down to manageable proportions.

been there

Also even if you can only scan a small percentage of the estate its worth it as it may show up some pointer files that point to a currently undetectable infection.

I have the problem of saving Carbon over security myself, evening scans every night get shut down after small time due to business promising to save energy, and when you ask for an extra hour on automated shutdown its like you want to have a human sacrifice. Of course if they get a widespread infection it will cost x hundred thousand pounds in business but thats just a risk.

Re: How important to scan regularly?

Thanks very much Sameer, Spork, tonyb99

>I have the problem of saving Carbon over security myself

I understand, I was thinking of scanning after work hours, but same problem here.

Does WOL work even if the machines are powered down?

I don't know if we can use wake-on-LAN, and run the scheduled scan out-of-hours, maybe over the weekend or something

Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 6 of 9

Re: How important to scan regularly?

Re: How important to scan regularly?

are you running on access scanning already?

Re: How important to scan regularly?

Thanks tonyb99, the nightwatchman looks impressive, not sure if we can afford it but will try evaluation.

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 9 of 9

Re: How important to scan regularly?

Unfortunately, ePO will not able to wakeup the clients when its not available or powerdown?

For ePO to do any activity, the machine should be atleast powered on regardless user is logged on or not.

I will not suggest you to run ODS daily.

In VSE, we even have OAS that will scan the files/exes when its accessed.

Running ODS once/twice in a week in off hours should be ok.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community