How Do I . . .?:  Enable Active Protection

Active Protection is a real-time service used to detect known and unknown threats before they infect an agent machine. Active Protection sits quietly in the background of a machine and monitors for attempts to change security configuration settings and values. (Attempts to change security settings and values are often an indication that some sort of malware is trying to install itself on the machine.) If it detects an attempt to change a setting it can respond a number of different ways, depending on how it is configured.

Active Protection is performed on target machines using agents. To enable Active Protection:

  1. Create an agent policy.

  2. Enable and configure Active Protection settings on the Active Protection tab.

  1. Install the agent policy on the desired agent machines.

Agents can be push-installed from the console or they can be installed manually.