Scan devices for viruses

This section provides information on scanning managed devices for known viruses as well as suspicious objects.

IMPORTANT: Scanning requires the proper content subscription
Remember that in order to scan for a specific security content type, including viruses, you must have the corresponding Ivanti® Endpoint Security for Endpoint Manager content subscription. For information about content subscriptions, contact your Ivanti reseller, or visit the Ivanti website:
Ivanti Home Page

Scanning methods

There are several different methods of running an antivirus scan on managed devices that have Antivirus installed:

  • Scheduled antivirus scan
  • On-demand antivirus scan
  • User-initiated antivirus scan
  • Real-time file protection
  • Real-time email protection

Run a scheduled antivirus scan from the console

From the console, you can configure antivirus scan tasks that can be run as either an on-demand scan or as a scheduled task or policy.

Scheduled task remediation can be thought of as a push distribution because the patch is pushed from the core server to devices, while a policy is considered a pull distribution because the policy agent on the device checks the core server for applicable policies and then pulls the patch from the core server.

To create an antivirus scan task
  1. Click Tools > Security > Security Configurations.
  2. Make sure virus definition files have been updated recently.
  3. Make sure the default virus definition file folder (\LDLogon\Antivirus\Bases) contains only those definitions you want to scan for.
  4. Click the Create a task toolbar button, and then click Ivanti Antivirus.
  5. Enter a name for the task.
  6. Specify whether you want this task to update virus definitions, perform an antivirus scan, or do both.
  7. Specify whether the task is a scheduled task or a policy-based scan, or both.
  8. If you want to scan all of your managed devices with Antivirus agent installed, select a scheduled task, and then target all devices. You can also start the antivirus scan of all devices immediately.
  9. If you want to ensure that the scan uses the latest known virus definition files, select the Update virus definitions option.
  10. Select an antivirus setting from the available list (or create a custom setting for this scan by clicking the Configure button), to specify how the scanner operates on end user devices. If you want the antivirus scan to use the device's local antivirus settings (default settings), select that option from the list. For more information about configuring the antivirus scan with antivirus settings, see About the Ivanti Antivirus settings dialog box.
  11. Click OK. (For a typical scheduled task scan, click OK, and then add target devices and configure the scheduling options in the Scheduled tasks tool.)

Run an on-demand antivirus scan from the console

You can also run an immediate on-demand antivirus scan on one or more target devices.

To do this, right-click the selected device (or up to 20 multi-selected devices), click Security and Patch > Ivanti Antivirus scan now, select an antivirus settings, choose whether to update virus definition files before scanning, and then click OK.

When you click OK, the Status of requested actions dialog displays the following information:

  • Progress
  • Results
  • Scan time information

Run an antivirus scan at a managed device

Additionally, if you've configured antivirus settings to display the Antivirus icon in the device system tray, end users can perform their own on-demand antivirus scans.

To do this at the managed device, right-click the Ivanti Antivirus taskbar icon, and then select Scan my computer. Or from the Antivirus dialog box, click Scan my computer.