AntiVirus Engine and Definitions

Proactive threat protection is maintained through engine upgrades and definition updates, which are downloaded as file sets directly from the Global Subscription Service (GSS) or a specified storage location.

The detection and removal of threats on endpoints is powered by the AntiVirus module's engine. Periodic upgrades to it provide such enhancements as detection capability improvements, performance optimizations, and memory footprint reductions. The engine detects viruses and malware by comparing files on endpoints against code samples (signatures) of known virus and malware components, called definitions. Ivanti updates its definitions database several times daily. There are separate definitions for 32-bit and 64-bit systems.

After retrieving an engine upgrade or definitions update, the server notifies licensed agents immediately: online agents begin downloading immediately, offline agents when they reconnect with the server. The download to agents can be delayed in Agent Policy Sets (see Delaying the Distribution of AntiVirus Definition File Updates to Endpoints).

You must have: a valid AntiVirus subscription, offered in durations of one to five years, to enable the Ivanti Endpoint Security server to distribute new content to endpoints.

Important:

• An expired AntiVirus subscription service provides you with no protection against new viruses and malware threats that arise after the date of the last definitions update. Ensure you are aware of your subscription expiration date and renew a minimum of six months beforehand.
• Endpoints hosting agents must have a minimum of 1 GB of free disk space for the creation of temporary files during engine and definitions file updates.

Using a current engine and up-to-date definitions guarantees you the highest level of protection.