N-central Help

Behavioral Analysis module

The Behavioral Analysis module is the SolarWinds N-central decision engine. It examines the behavior of a file and determines if the file may be a threat. The Intrusion Detection System (IDS) detects and blocks attempts to change:

  • critical system files,
  • AV Defender files or registry entries,
  • installation of malware drivers, and
  • attacks performed by code injection (DLL injection).

The Behavioral Analysis module is not supported on devices running Windows XP (64-bit) or Windows Server 2003. It is supported on devices running 32-bit and 64-bit editions of:

  • Windows XP (32-bit only)
  • Windows Vista
  • Windows 7
  • Windows 8
  • Windows 8.1
  • Windows 10
  1. Click Configuration > Security Manager > Profiles.
  2. Click Add, or click on an existing profile to edit.
  3. Click View Settings beside the Behavioral Analysis module.
  4. Click the Enabled check box to turn on the module.
  5. Turn off Silent Mode to enable the user to select to block or allow events. If no response is provided, the events are blocked.
  6. In the Active Virus Control area, click the Enable so that AV Defender can monitor applications and scan for malware-like actions on the target system.
  7. Set the detection level to determine the aggressiveness of this behavioral detection engine.
  8. Set the Detection Level to normal to protect best against cryptolocker and its variants.

  9. In the Intrusion Detection System area, click Enable to monitor the network and system activities for malicious activities or policy violations.
  10. Set the detection level to determine the aggressiveness of this behavioral detection engine.
  11. Click Save.