Views:

Below are the methods for client scanning:

Conventional Scan

This method is being utilized in the previous versions of OfficeScan. Client that uses this method stores all the components on the client computer and scans all the files locally.

Smart Scan

This method uses threat signatures stored in the cloud. The client scans for security risks in the local files first before connecting to the local Smart Scan Server. If the client is unable to connect, it will try to connect to the Trend Micro Global Smart Scan Server.

Trend Micro strongly recommends switching from Conventional Scanning to Smart Scanning due to the following reasons:

  • Recent statistics shows that the Smart Scan Agent pattern (OTH, which is stored locally on the actual agent that uses Smart Scanning) covers 80% of the total threats, and that the Smart Scan pattern (TBL, stored on the Scan Server) covers the other 20%.
  • Aside from Smart Scan Agent pattern (icrc$oth.xxx), a local cache is used to reduce about 80% of outgoing queries. CRC cache works as a partial Smart Scan Pattern replica so that previously obtained CRC can be reused later. In other words, the CRCs are ready to be used to protect an endpoint user and are effective on malware that have been previously detected. However, the date may vary among individual users according to their usage behavior.
Keywords: conventional vs smart scan,smartscan versus conventional,what can you get on smartscan