Configure policy General options in Malwarebytes Cloud Platform

Document created by bgoddard Employee on Oct 10, 2019Last modified by bgoddard Employee on Oct 11, 2019
Version 5Show Document
  • View in full screen mode

Policies define how Malwarebytes behaves when running a scheduled scan, using Real-Time Protection, or monitoring Suspicious Activity. Policies are applied at the group level; all endpoints in a group use the same policy. Unless you specify otherwise, endpoints belong to the Default Group, which uses the Default Policy. 

 

Policies are customizable and have many options. This article covers policy General options for all endpoint platforms. 

 

You may also be interested in these articles:

 

To view policy settings, go to Settings > Policies. Click Default Policy > choose a platform > General to view the options described below.

 

General

General options include rebooting endpoints, applications that launch at startup, asset events, and protection updates.

 

Reboot options

Reboot Options control how Malwarebytes handles requests to restart endpoints. Reboots are sometimes required to finish malware remediation or to apply system changes after software updates or uninstallation.

 

Options in this section are as follows:

  • Enable Restart: Choose whether the endpoint automatically restarts when required. Disabling this can leave the endpoint in a state where malware has not been fully removed or software updates are not applied.
  • Reboot Delay: When Enable Restart is selected, this is the amount of time the endpoint will wait before the reboot happens.
  • Reboot Message: A customizable message that displays when an endpoint reboot is needed.
  • Postpone Reboot: Enabling this allows users to postpone a pending reboot by 10, 20 or 60 minutes. If a user postpones a reboot, an Audit event displays on the Events screen.

 

Startup Options

Startup Options control how services on your Windows endpoints behave.

 

Options in this section are as follows:

  • Allow services additional time to start: Enabling this increases the amount of time Windows services are given until they timeout during startup.
    • Maximum time allowed: Select from a 1, 5, or 10 minute timeout period. The endpoint may need more time if it has many services launching at startup or is running additional antivirus software.

 

Asset Management

Enabling Asset Management options allows Malwarebytes to collect hardware and software information from your endpoints. When these options are enabled, the relevant asset information can be updated with a Refresh Assets action or an Asset Inventory Scan.

 

Events to report

When enabled, asset information is collected from these events and displayed on the Endpoint Properties screen.

 

Options in this section are as follows:

  • Storage Devices: Connected storage, USB storage, and other devices.
  • Memory ObjectsPhysical and virtual memory of the endpoints.
  • Startup ProgramsRegistry entries for installed startup programs on the endpoint.
  • Installed SoftwareSoftware installed on the endpoint.
  • Software UpdatesSoftware updates that occurred on the endpoint.

 

Protection updates

Protection Updates are database updates used by scans and Real-time Protection features. For more information on Protection Updates, see Malwarebytes Endpoint Protection settings for Protection Updates.

 

You may only adjust the Protection Updates frequency, as updates are mandatory.

  • Update Frequency: This determines how often the endpoint checks Malwarebytes servers for updates. You can choose a time between 15 minutes and 7 days.

 

Protection Updates Delay

Protection Updates Delay lets you determine how long a Protection Updates version is available before endpoints can download it. 

 

You may choose a delay period, or set No delay, which is recommended.

  • Delay Period (Windows only): Enabling this feature delays the latest Protection Updates by 1, 3, or 5 hours. 

 

Important: Delays between Protection Updates may reduce the risk of encountering a false positive but increase vulnerability to zero-day threats. For more information on delaying Protection Updates, see Protection Updates Delay overview.

Attachments

    Outcomes