Question on real time shield

  • 29 July 2015
  • 1 reply

Userlevel 3
In the policy Real Time Shield / Scan when written or modified (default:ON)
Is this refering to all files, exe, dll text, word, excel pdf or only executable files?
Any disadvantage to having it on, for example with slow, older computers and VPN connections?

1 reply

Userlevel 5
Scan files when written or modified is essentially our file filter driver scanning every file that is read or wrote to the disk. Yes it will include all files but we will only fully inspect the file if the header is something we care about. I'd read more about how file filter drivers work if you want really detailed info on that.

The only time it would be a disadvantage to have it on is on a server. Or a workstation with a lot of I/O activity. That will slow down the machine.