Policies define how Malwarebytes behaves when running a scheduled scan, using Real-Time Protection, or monitoring Suspicious Activity. Policies are applied at the site and group level in Malwarebytes OneView, and all endpoints in a group use the same policy. By default, endpoints added to the console belong to the Default Group which uses the Default Policy.
Endpoint agent settings
To locate the Endpoint agent tab in your policy:
- Go to Settings > Policies.
- Click the + icon or select an existing policy.
- Select the Endpoint agent tab to see the specific settings available for each operating system.
User interface options
User interface options allow you to adjust the endpoint user experience. This controls what your end users see on their machines, and how they can interact with Malwarebytes software.
Options in this section are as follows:
- Show the Malwarebytes icon in the notification area: Shows the Malwarebytes program icon in the Windows taskbar or Mac menu bar.
- Display real-time protection notifications: Shows notifications on screen for any enabled Real-Time Protection options. For more information, see Real-Time Protection in Configure Protection settings in Malwarebytes OneView.
- Allow users to run a User Threat Scan: Allows users to run Threat Scans with all detected threats put in quarantine. Users may cancel Threat Scans, but can’t cancel scans controlled by the console. Threat Scans ran by users are listed in the Events screen as On demand scans.
- Show Malwarebytes shortcuts on Start menu and desktop to run Threat Scans: Creates shortcuts in the endpoint’s Start Menu and desktop. User Threat Scan must be enabled to use this setting.
- Show Malwarebytes option in context menus: Allows users to scan files by right-clicking them. These scans share the same properties as User Threat Scan, above.
- Allow only Administrator level users to interact with the Malwarebytes Tray: Disables the Endpoint Agent Tray process from loading on standard-level user accounts. Only Administrator-level users will have access to the tray process and Malwarebytes icon. This is useful for running Malwarebytes in a more silent manner or for a multi-user environment such as Microsoft Terminal Services.
Software updates
The Software Updates policy option in Malwarebytes OneView allows control over when endpoints receive Malwarebytes software updates. This option only applies to Protection Service updates, Component Package updates are always automatic.
Options in this section are as follows:
- Pause Software Updates: Stops software updates from being applied on endpoints for up to 31 days. After 31 days, endpoints resume receiving software updates when they are released. When enabled, the policy screen shows the date and time when updates will continue.
- Get early access to the latest Malwarebytes software: Provides early access to the latest Malwarebytes software before official release.
Reboot settings
Reboot options control how Malwarebytes handles requests from the console to restart endpoints. Reboots are sometimes needed to finish malware remediation, or to apply system changes after software is updated or removed.
Options in this section are as follows:
- Automatically reboot endpoints when required: Choose if the endpoint automatically restarts as needed. If you turn this off, malware might not be fully removed from the endpoint and software updates might not be applied.
- Delay time before automatic reboot: The amount of time the endpoint will wait before rebooting.
- Message to display when a reboot is required: A custom message displayed on the endpoint when it needs to reboot.
- Allow users to postpone a reboot: Allows users to postpone a reboot by preset times. A user can continue to postpone a reboot indefinitely unless the reboot delay time is reached. If a user postpones a reboot, the Events screen shows an Audit event.
Inactive endpoints
The Inactive Endpoint Removal option in Malwarebytes OneView allows you to remove endpoints from your OneView sites that have been inactive for a set period of time. When enabled in a policy, endpoints that have not checked in with the console within the specified time frame are automatically removed.
For more information, see Configure Inactive Endpoint Removal option in Malwarebytes Nebula.
Startup options
Startup Options control how services behave on your endpoints. Options in this section are as follows:
- Provide all services with additional time to initiate: Enables extra time for services to finish loading at system startup before they timeout.
- Maximum time to wait for the services to initiate: Choose a preset timeout period. You may select 1, 5, or 10 minutes. The endpoint may need more time to start if it has many services loading at startup or is running additional security software
Health monitoring
Health monitoring provides additional settings to ensure the endpoint agent is running correctly. Options in this section are as follows:
- Enable service health monitoring: Launches a secondary service on endpoints designed to monitor and restart the endpoint agent service if it goes offline.
Source : Official Malwarebytes Brand
Editor by : BEST Antivirus KBS Team