deviceTRUST 23.1.410 for Windows and macOS, and 23.1.400 for Ubuntu, iOS and IGEL OS 12 are now available.
×

Policy category: Properties

  1. Policy setting: Interval before checking for changes to dynamic properties
  2. Policy setting: Cache SECURITY PRODUCTS for use during early startup
  3. Policy setting: Suppress SECURITY PRODUCTS that become temporarily inactive
  4. Policy setting: Interval of the session idle period

Policy setting: Interval before checking for changes to dynamic properties

Defines the interval before checking for changes to dynamic properties.

The value, specified in seconds, defines the timeout before checking for changes to the properties.

This value only effects dynamic properties. Static and dynamic (Real time) properties are not impacted by this policy. For more details, refer to the Property Matrix.

The default interval is 60 seconds (1 minute).

Policy setting: Cache SECURITY PRODUCTS for use during early startup

Defines whether to cache SECURITY PRODUCTS to the registry for use during early computer startup.

When ENABLED, all security products are written to the registry on shutdown or user logoff. These cached security products can be used by the deviceTRUST Host or Client during early computer startup whilst the Windows Security Center is still initializing.

When DISABLED, no security products are written to the registry on shutdown or user logoff. Cached security products are never read by the deviceTRUST Host or Client.

‘Cache Timeout (Minutes)’ defines the number of minutes after computer startup that cached security products are read by the deviceTRUST Host or Client. Cached security products are only read whilst the Security Center service is still initializing.

‘Cache Expiry (Hours)’ defines the number of hours that the cached security products remain valid after they were originally written to the registry.

The default behavior is enabled with a timeout value of 30 minutes and an expiry time of 240 hours.

Policy setting: Suppress SECURITY PRODUCTS that become temporarily inactive

Defines whether to suppress SECURITY PRODUCTS that become inactive or out of date status for the specified timeout period.

When ENABLED, all security products that become inactive or out of date continue to be reported as active for the specified timeout period. If they don’t become active again within the timeout period, their real status will be reported once the timeout period expires. If they do become active again within the timeout period, then the inactive or out of date state is never reported.

When ‘AntiSpyware Timeout (Seconds)’ is greater than zero, defines a timeout period in seconds that AntiSpyware security products should suppress an inactive or out of date status.

When ‘AntiVirus Timeout (Seconds)’ is greater than zero, defines a timeout period in seconds that AntiVirus security products should suppress an inactive or out of date status.

When ‘Firewall Timeout (Seconds)’ is greater than zero, defines a timeout period in seconds that Firewall security products should suppress an inactive or out of date status.

When DISABLED, or when configured with a zero timeout value, security products which become inactive or out of date are immediately updated.

The default behavior is enabled with a 30 second timeout for AntiSpyware and AntiVirus and a zero timeout value for Firewall.

Policy setting: Interval of the session idle period

Defines the interval of the session idle period.

The value, specified in seconds, defines the interval that the session must remain idle for each increment of the HOST_SESSION_IDLEPERIOD property.

The default interval is 60 seconds (1 minute).