Hi,
there are three options availble for the sensitivity within the malware detection settings --> enable inline entropy analysis.
I am wondering if there is a guide or a best practive available which option (low/sensitiv/extrem) i have to use for the different kind of VM´s.
Greetings
Oliver
-
OMW72
- Enthusiast
- Posts: 69
- Liked: 7 times
- Joined: Nov 16, 2022 2:18 pm
- Contact:
-
david.domask
- Product Manager
- Posts: 3645
- Liked: 885 times
- Joined: Jun 28, 2016 12:12 pm
- Contact:
Re: Requierements for the sensitivity option
Hi Oliver,
I think the User Guide and the job setting itself explains it pretty well:
I think the User Guide and the job setting itself explains it pretty well:
We can understand that the higher the sensitivity, the more precise the analysis is as it's checking smaller datasets as well. It will largely come down to your use case, but for most deployments leaving it as "Normal" is probably sufficient, the control is largely to help reduce false positives and additional work during the backup; more sensitive == more work and potentially more false positives depending on your environment.Extreme sensitivity will alert on a smallest dataset getting encrypted and thus can generate many false positives.
David Domask | Product Management: Principal Analyst
Who is online
Users browsing this forum: No registered users and 128 guests