What Is Antivirus Pattern Compliance?
Antivirus pattern compliance displays the percentage of Security Agents using acceptable Virus Pattern and Smart Scan Agent Pattern versions across your network. The compliance indicator provides visibility into:
- Managed agents: Total endpoints with Apex One or Worry-Free Business Security Services Security Agents installed
- With compliant virus patterns: Endpoints using acceptable pattern versions
- With outdated virus patterns: Endpoints not meeting your acceptable version requirements
- Offline for 7 days: Agents without recent communication to the managed product server
- Exceptions: Users or endpoints excluded from compliance calculations
- Unmanaged endpoints: Endpoints without security agents installed
Configuring Acceptable Pattern Versions
Prerequisites
- Access to TrendAI Vision One™ administration console
- Administrator permission to modify Active Directory and Compliance Settings
Procedure
- Navigate to Administration → Settings → Active Directory and Compliance Settings.
- Click the Compliance Indicator tab.
- Click Antivirus pattern compliance.
- In the Acceptable pattern versions field, specify the pattern versions your organization considers compliant.
- For an n-2 strategy, define versions as: current version, current-1, and current-2
- For example, if current version is 1500, acceptable versions would be: 1500, 1499, 1498
- Configure the Alert indicator slider to set compliance thresholds
- Adjust the percentage of compliant agents that triggers different alert levels
Example: Set warning at 95%, critical at 85%
- Adjust the percentage of compliant agents that triggers different alert levels
- Click Save.
Managing Exceptions
You can exclude specific users or endpoints from compliance calculations using custom tags or filters:
- In the Antivirus pattern compliance configuration screen, locate the Exception List.
- Click Add to add an exception.
- From the Type drop-down, select:
- User - to exclude specific users
- Endpoint - to exclude specific endpoints
- All - to view all entries
- Search for and select the custom tags or filters you want to exclude.
- Click Add to confirm.
- Click Close.
- From the Apply exceptions added by drop-down, select:
- All user accounts - applies exceptions added by any administrator
- Only the logged on account - applies only exceptions added by current user
- Click Save
Viewing Compliance Information
Once configured, you can monitor antivirus pattern compliance on the Security Posture dashboard:
- Navigate to the Security Posture tab.
- The default view displays the Antivirus pattern compliance indicator showing:
- Overall compliance percentage
- Total endpoints with outdated patterns
- Detailed breakdown by compliance category
- Click on the count for "Endpoints with outdated patterns" to view affected endpoints in the User/Endpoint Directory.
- Click the settings icon (⚙) to change the data display period.
Best Practices for N-2 Versioning
- Regular Review: Periodically review your n-2 acceptable versions as new pattern releases become available
- Gradual Rollout: Use exceptions to test new pattern versions on a subset of endpoints before making them required
- Monitor Offline Agents: Track endpoints offline for 7+ days, as they may not receive pattern updates
- Automated Updates: Consider automating pattern deployment to maintain compliance without manual intervention
- Alert Tuning: Set alert thresholds based on your organization's risk tolerance and resources