The file operation interception mode affects the File Threat Protection and Device Control components.
FirstAction
) and Second action (SecondAction
) settings for File Threat Protection.You can choose not to block access to files that are being scanned by the File Threat Protection component. In that case, the scan is performed asynchronously.
You can disable file access blocking on the device monitored by the Device Control component. In that case, Device Control determines if access to the device can be allowed in asynchronous mode.
Configuring in the Web Console
In the Web Console, you can configure the file operation interception mode in the policy properties (Application settings → General settings → Application settings, File operation interception mode section).
The Block access to files during scans check box enables or disables the blocking of access to files while they are being scanned by the File Threat Protection and Device Control components.
The check box is selected by default.
If the check box is cleared, access to any file is allowed for the duration of the scan, and the scan runs in asynchronous mode.
Configuring in the Administration Console
In the Administration Console, you can configure the file operation interception mode in the policy properties (General settings → Application settings, File operation interception mode section).
The Block access to files during scans check box enables or disables the blocking of access to files while they are being scanned by the File Threat Protection and Device Control components.
The check box is selected by default.
If the check box is cleared, access to any file is allowed for the duration of the scan, and the scan runs in asynchronous mode.
Configuring in the command line
You can configure the file operation interception mode in the command line using the FileBlockDuringScan
setting in the general application settings.
You can edit the setting using command line options or a configuration file that contains all general application settings.
The FileBlockDuringScan
option accepts the following values:
Yes
(default value) to block access to files for the duration of the scan by the File Threat Protection and Device Control components. No
to allow access to files during the scan. Requests to any file is allowed, scanning is done asynchronously. This file operation interception mode has less impact on the system performance, but there is a risk that a threat in a file will not be disinfected or deleted if the file can, for example, change its name during a scan before the application makes a decision on the status of the file.