Microsoft Security Essentials policy

Microsoft Security Essentials policy is a security policy that enables management of the Microsoft Security Essentials settings to protect your workload. For more information on the Microsoft Security Essentials functionality, see this section of the Acronis Cyber Protection User Guide.

The following example can be used when creating a protection plan with this protection policy:

Policy example

 1{
 2    # Put a unique ID of the policy here.
 3    "id": "",
 4    # Microsoft Security Essentials policy type is 'policy.security.microsoft_security_essentials'
 5    'type': 'policy.security.microsoft_security_essentials',
 6    'parent_ids': [
 7        # Put the ID of total protection policy here.
 8    ],
 9    'origin': 'upstream',
10    'enabled': True,
11    'settings_schema': '2.0',
12    'settings': {
13        # Set to true to check for the latest virus and spyware definitions before running a scheduled scan.
14        'check_for_signatures_before_running_scan': True,
15        # Set to true to disable scanning of archive files.
16        'disable_archive_scanning': False,
17        # Set to true to disable full scan catch-up.
18        'disable_catchup_full_scan': False,
19        # Set to true to disable history of found malware.
20        'disable_history_results': True,
21        # Set to true to disallow all users to view full history results.
22        'disable_privacy_mode': False,
23        # Set to true to disable scanning of removable drive.
24        'disable_removable_drive_scanning': False,
25        # Set to true to disable creation of a system restore point.
26        'disable_restore_point': True,
27        # An action to execute when high level alert is triggered.
28        'high_threat_default_action': 'QUARANTINE',
29        # An action to execute when low level alert is triggered.
30        'low_threat_default_action': 'QUARANTINE',
31        # An option to participate in Microsoft Active Protection Service.
32        'maps_reporting': 'DISABLED',
33        # An action to execute when medium level alert is triggered.
34        'moderate_threat_default_action': 'QUARANTINE',
35        # Remove quarantined files after provided number of days.
36        'quarantine_purge_items_after_delay': 30,
37        # An option to limit CPU usage during the scan.
38        'scan_avg_cpuload_factor': 30,
39        # Set to true if scheduled scan should be started only when machine is on but not in use.
40        'scan_only_if_idle_enabled': True,
41        # A scan mode option.
42        'scan_parameters': 'FULL_SCAN',
43        # A day of week when a scheduled scan should run.
44        'scan_schedule_day': 'fri',
45        # A time in RFC3339 format when a scheduled scan should run.
46        'scan_schedule_time': '12:00:00',
47        # An action to execute when severe level alert is triggered.
48        'severe_threat_default_action': 'QUARANTINE',
49        # An option to manage the sources for virus and spyware definition updates. Values must be pipe-separated.
50        'signature_fallback_order': 'MicrosoftUpdateServer|MMPC',
51        # A day of week when to check virus and spyware definition updates.
52        'signature_schedule_day': 'everyday',
53        # A time in RFC3339 format when to check virus and spyware definition updates.
54        'signature_schedule_time': '12:00:00',
55        # An interval in hours at which to check for definition updates.
56        'signature_update_interval': 3,
57        # Set to true to send file samples automatically when a further analysis is required.
58        'submit_samples_consent': False
59    }
60}