cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
htiedema
Level 7
Report Inappropriate Content
Message 1 of 5

On Access Risk Policy order of determination

Hi, I am new to this community as I just started in the AV sector of IT.

My questions is that I know there has to be programing in the background of on access scanning which has the order of which VSE determines if the process running falls into high low or default. What I am looking for is to find out if "demo.exe" is started does it look in the low risk policy for a match if not then it goes into high risk look for a match then if all else fails it goes to the default policy. Just looking for the order of where the process is matched against in order. I appreciate any information that can be given on this topic.

Thanks,

4 Replies

Re: On Access Risk Policy order of determination

Moved to VSE for a faster response.

---

Peter

Moderator

rmetzger
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 5

Re: On Access Risk Policy order of determination

Hi htiedema,

I would suggest a thorough read of:

McAfee KnowledgeBase - Understanding High-Risk, Low-Risk, and Default processes configuration and us...

McAfee KnowledgeBase - Understanding Exclusions in High-Risk/Low-Risk profiles

McAfee KnowledgeBase - How to create Low-Risk and High-Risk process exclusions in VirusScan Enterpri...

McAfee KnowledgeBase - Troubleshooting high CPU usage related to Disk I/O and McShield

A lot of reading. Let us know of any additional resources we can provide in understanding High/Low risk process policies.

Hope this is helpful.

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
htiedema
Level 7
Report Inappropriate Content
Message 4 of 5

Re: On Access Risk Policy order of determination

Never responded, thanks for these articles. I got busy at the time of the question and was unable to dig into this more. I have been working at this for a year or so now. I have a lot more knowledge around this now but the way VSE moves through checks is what I was looking for. Just like in an if statement if you have to wait to get to else statement its going to take longer than just hitting the first if statement. what I was looking for was the order of which the checks go in. I hope this helps understand my question better.

rmetzger
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 5

Re: On Access Risk Policy order of determination

OK, so I guess you are trying to understand how to improve performance, while not significantly degrading security, Correct?

Re-read:

McAfee KnowledgeBase - Understanding High-Risk, Low-Risk, and Default processes configuration and us...

William Warren wrote a really good blog here:

It is a significant read, and well worth the effort.

Hope this helps.

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community