Remote Monitoring & Management Help

Bitdefender Engine - FAQs

Is there a policy migration tool to transfer settings from VIPRE to Bitdefender policies?

We have included three new default Bitdefender polices and incorporated a migration tool to create Bitdefender versions of VIPRE policies in Dashboard 6.3.

Bitdefender partners with Microsoft to create smart exclusions based on Microsoft recommendations. These smart exclusions are automatically included in the background for each Protection Policy (so do not appear in the Exclusions list) and are applied by the Bitdefender engine depending on the scanned deviance Operating System.

As such when using the Bitdefender engine there is no longer a requirement to create separate Protection Policies just to scan different Operating System types, unless these policies are to include custom exclusions or settings that only apply to specific Operating systems.

Can I use Managed Antivirus (Bitdefender Engine) on Macs? If so, do I need any special policies or setup?

Managed Antivirus (Bitdefender) is available for both Windows and Mac computers. They use common policies and the Operating System governs which policies are applied. Managed Antivirus setup is exactly the same for both Windows and Mac computers.

I know I can change some of the Managed Antivirus (Bitdefender Engine) settings but can I also brand the icon? Also why does my endpoint show N/A for some settings?

Unfortunately the icon cannot be branded as it is burned into the agent by Bitdefender during their build process. Only the Company Name, Product Name, Website, Email, and URL are configurable in the Protection Policy. Please be aware that if N/A is entered for any of the settings this will appear in the Agent's About Managed Antivirus dialog.

Which products can be removed by the Managed Antivirus (Bitdefender Engine) Competitive Antivirus Removal Tool (CART)? Also how does CART handle MalwareBytes?

The Bitdefender engine edition of CART utilizes OPSWAT's AppRemover to detect any currently installed AntiVirus or AntiSpyware products on the device. Depending on the discovered solution CART can either uninstall the product (where it is marked as Yes for ARSupported) or simply report the product as detected (No for ARSupported). Please note that there is an exception in place for Malwarebytes.

Further information on the products supported by OPSWAT are available in the section Bitdefender Engine - Supported Products

Please be aware that automatic CART removal is disabled by default in the Protection Policy. Where CART is disabled in the Protection Policy it may still be used to remove a detected product via theremove links or force installation links and subsequently install Managed Antivirus.

Regarding MalwareBytes, there is an exception in place to the list provided by OSWAT so it is not removed.

Will Managed Antivirus (Bitdefender Engine) retain data for a minimum of one year?

With the release of Dashboard 6.3 the data in the Managed Antivirus (Bitdefender Engine) is extended to display data for one full calendar year, with this available for all regions not just the US.

I have setup Managed Antivirus (Bitdefender Engine) exclusions on a Windows 10 computer, but rather than exclude these locations they are scanned. Is there anything I can check to make sure these locations are excluded?

The initial trouble-shooting step is to double-check that the entered location is correct. If this all appears to be okay, the next step is to check whether case sensitivity was enabled for this folder.

Case sensitivity was introduced in the Windows 10 April 2018 Update (version 1803) and is configured on a per-folder basis. Where enabled for a folder, the entered exclusion location must precisely match the file and folder case. Otherwise Managed Antivirus is unable to exclude this folder or file and it will be scanned. Further information on this setting is available from Windows 10: Case sensitive file and folder names.

How can I determine which version of the Bitdefender engine is installed on the endpoint?

The Bitdefender engine can update independently of the Advanced Monitoring Agent upgrade cycle. To view the version of the Bitdefender engine installed on a machine; select the target device on the Dashboard, navigate to the Managed Antivirus Check in the south panel then click the Check's More information link to open its dialog. The current MAV agent version is displayed under the General information section of the Check Info tab

bd_agent_checks_vers

Will a System Restore work with Managed Antivirus (Bitdefender Engine) installed?

The only way to avoid any potential issues with System Restore is to run it from Safe Mode or uninstall the Antivirus product before restoring, although on some systems (Windows 8, XP but not all) System Restore does work with Active Protection off. Bitdefender have created the Knowledge Base article How do I use System Restore in Windows? that covers the various options.

Can I install Managed Antivirus (Bitdefender Engine) to a different location?

Unfortunately, it is not possible to install Managed Antivirus to a custom location.

Is there an exclusion policy for files over a certain size?

There is not an option to exclude based on the file size.

I observed the error "The connection to Cloud Services could not be established..." in the local Bitdefender console. How can I alleviate this issue?

This error is returned where the endpoint cannot connect to Bitdefender's Global Protective Network intelligence cloud. To alleviate this error please ensure the device, and Site Concentrator <link to Site Concentrator page> server if configured on the Device's site, can reach the following Managed Antivirus <link to MAV URL page> URLs.

*.bitdefender.net

*.bitdefender.com

*.v1.bdnsrt.org

Does Managed Antivirus (Bitdefender Engine) offer protection against emerging CryptoLocker threats?

Bitdefender provided the following response to this question which encompasses not only the remediation action to take one CrytoLocker is detected, but also steps to prevent the device becoming infected in the first place.

First we would like to point out that CryptoLocker is not unique at all in how it propagates. A lot of malware has been distributed via attachments for a dozen years, and certain torrents have been seeding malware for ages. So we're certainly not talking about a new or unique threat here.

 

Obviously the infected email should be first addressed at the mail server, meaning the mail server should scan received email for malware/phishing and the end user should not receive the infected e-mail in the first place - perhaps using a service like Mail Assure.

 

However in case the mail server protection fails, or is not available for some reason, the Remote Management solution still protects the end user through multiple layers:

 

  1. The first layer is Web Protection, available from the Remote Management Dashboard. The rest of the items mentioned are specific to the Managed Antivirus: Bitdefender engine offeringÂ….
  2. The second layer is Active Protection. Before the executable file is started, it has to be written on disk and run. In case of attachment when a user clicks on a file, it does not start "directly from Outlook" - it is in fact written into the temporary directory and starts from there, either directly or passed as argument to an appropriate program such as Microsoft Word. The on-access module would be triggered when a file is opened (either because the system wants to memory-map the executable image into memory, or because Microsoft Word wants to read the document). Once triggered, the on-access module scans the file for malware with our standard engine, and if any malware is found, the file is blocked, meaning it cannot be started, or Microsoft Word cannot load the document, therefore preventing an infection.
  3. In a rare case when a malware threat is completely new or was modified to pass the engine, and a new detection isn't available yet, the file would be scanned and allowed to start. In this case the Behavioral Scanning gets into the game, analyzing the running program behavior and comparing it with the set of heuristic rules of what the file is allowed to do. If the file's behavior is found malicious, the process is killed automatically, even though it was not detected by the engine.

 

So as you see, we're using multiple layer protection even on the endpoint itself. And while no security solution guarantees 100% protection, Bitdefender does provide a much better detection level comparing to other vendors, as confirmed by the latest AV-Test results Bitdefender averages a 100% detection rate on 0-day malware collections, with the industry average 98%.

 

Please note that AV-Test is a trusted third-party organization with good reputation, it is trusted by many security professionals and which is not affiliated with Bitdefender or any other anti-malware vendor.

 

Please be aware that we are not responsible for the content of external sites.

What do you want to do?