generally speaking the "on-access" scan is a realtime mechanism that triggers when any request fo accessing a file is issued by a user or other program to the operating system. This mechanism ensures that the file is scanned for harmful content before the response to the file access request would be returned to the caller.
The "on-demand" (~ "when you want") scan is always "human intent" initiated and does not trigger on every request for file access.
In other words as soon as Virusscan is installed and operational, a watchdog mechanism starts monitoring file access requests (on-access). Other than that, VirusScan administrator can launch (or schedule for running) on-demand scans. On-demand scans are helpful for example when you first want to scan the entire drive right after VSE has installed, or schedule on-demand scans to examine areas of disk that are excluded for some reason from on-access scanning.
First off the bat, thanks very much for explaining the process. It's very much appreciated.
I have just one further question. Am I to assume that the "on-access" is never switched off and even cannot be switched off as it is a mechanism within the VSE application....?
I now understand the differences and thank you very much for sharing that with me.
It is possible to 'switch off' the on-access scanner if a user wanted to.
1. Disable the task in the VirusScan Console
2. Stop the Mcafee service
3. By exclusions
All of these can be mitigated by carefully configuring your policies in ePO. For example locking down the VirusScan user interface with a password.
Hi Tristan, et al,
Thank you very much for taking the time to post. Your replys have helped me understand these two process.