Submit a Help Request (804) 828-2227 | itsc@vcu.edu

How do I enable detection for suspicious behaviors?

SophosAV can provide detection of malware activity through the use of HIPS. The SophosAV installers provided by Technology Services do not have HIPS protection enabled automatically.

Follows these steps to activate HIPS:

 Step 1 - Right click on the Sophos shield located at the bottom right corner on the Windows Taskbar. Click on [Open Sophos Endpoint Security and Control] to open Sophos.  
Step 2 - Click on [Configure anti-virus and HIPS] on the right.
 
Step 3 - Click on [Behavior monitoring]  

Step 4 - By default these boxes are unchecked.

Check "Enable behavior monitoring. 

Check "Detect malicious behavior"
[Detect suspicious behavior] and [Detect buffer overflow].  Make sure that the [Alert Only] boxes is NOT checked.

 

Step 5 - Click [OK]

 

You will get a warning concerning buffer overflow detections settings.

  

Click [OK]

   



This article was updated: 07/9/2013