I've had a look through the policies and played with a few options but I can't see anyway of preventing users from initiating an On-demand scan.
What I'm looking to do is have a policy which stops users on virtual machines from performing On-demand scans.
Any ideas on this one?
i think the only way to do this is to not show any options in the system tray, that way users cannot right click on the agent/virusscan icon and scan computer for threats.
Addtionally, put a password on the virusscan console. That way all options are greyed out.
Problem is they can still run Start/programs...... and launch the console and then right click the on demand task, or indeed right click any drive/folder and scan.
Just a thought: What if, at the NTFS file permissions level, you remove users' ability to access...
C:\Program Files\McAfee\VirusScan Enterprise\scan32.exe
In testing it, it seemed to work for me and the on-access scanner still detected an EICAR I created on the computer.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC