Microsoft Security Essentials policy

Microsoft Security Essentials policy is a security policy that enables management of the Microsoft Security Essentials settings to protect your workload.

For more information on the Microsoft Security Essentials functionality, refer to https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#44150

The following example can be used when creating a protection plan with this protection policy:

Policy example

 1{
 2    # Put a unique ID of the policy here.
 3    "id": "",
 4    # Microsoft Security Essentials policy type is 'policy.security.microsoft_security_essentials'
 5    'type': 'policy.security.microsoft_security_essentials',
 6    'parent_ids': [
 7        # Put the ID of total protection policy here.
 8    ],
 9    'origin': 'upstream',
10    'enabled': True,
11    'settings_schema': '2.0',
12    'settings': {
13        # Set to true to check for the latest virus and spyware definitions before running a scheduled scan.
14        'check_for_signatures_before_running_scan': True,
15        # Set to true to disable scanning of archive files.
16        'disable_archive_scanning': False,
17        # Set to true to disable full scan catch-up.
18        'disable_catchup_full_scan': False,
19        # Set to true to disable history of found malware.
20        'disable_history_results': True,
21        # Set to true to disallow all users to view full history results.
22        'disable_privacy_mode': False,
23        # Set to true to disable scanning of removable drive.
24        'disable_removable_drive_scanning': False,
25        # Set to true to disable creation of a system restore point.
26        'disable_restore_point': True,
27        # An action to execute when high level alert is triggered.
28        'high_threat_default_action': 'QUARANTINE',
29        # An action to execute when low level alert is triggered.
30        'low_threat_default_action': 'QUARANTINE',
31        # An option to participate in Microsoft Active Protection Service.
32        'maps_reporting': 'DISABLED',
33        # An action to execute when medium level alert is triggered.
34        'moderate_threat_default_action': 'QUARANTINE',
35        # Remove quarantined files after provided number of days.
36        'quarantine_purge_items_after_delay': 30,
37        # An option to limit CPU usage during the scan.
38        'scan_avg_cpuload_factor': 30,
39        # Set to true if scheduled scan should be started only when machine is on but not in use.
40        'scan_only_if_idle_enabled': True,
41        # A scan mode option.
42        'scan_parameters': 'FULL_SCAN',
43        # A day of week when a scheduled scan should run.
44        'scan_schedule_day': 'fri',
45        # A time in RFC3339 format when a scheduled scan should run.
46        'scan_schedule_time': '12:00:00',
47        # An action to execute when severe level alert is triggered.
48        'severe_threat_default_action': 'QUARANTINE',
49        # An option to manage the sources for virus and spyware definition updates. Values must be pipe-separated.
50        'signature_fallback_order': 'MicrosoftUpdateServer|MMPC',
51        # A day of week when to check virus and spyware definition updates.
52        'signature_schedule_day': 'everyday',
53        # A time in RFC3339 format when to check virus and spyware definition updates.
54        'signature_schedule_time': '12:00:00',
55        # An interval in hours at which to check for definition updates.
56        'signature_update_interval': 3,
57        # Set to true to send file samples automatically when a further analysis is required.
58        'submit_samples_consent': False
59    }
60}