7.3 Agent Notifications and End User Options

In the Antimalware Agent Notifications configuration, the Show icon in notification area option is enabled be default. If you leave this feature enabled, end users will have access to the Agent Status Console and all its features on the device when the Antimalware Enforcement policy is in effect. This includes the options to run Full, Quick, Custom, and Contextual scans on device folders and files. The latter scan option is run from the right-click menu in File Explorer, while the other three scans are run from the console.

NOTE:You can disable the user capability to run Full and Quick scans, without disabling the Show icon in notification area option, via the User Rights settings for Full Scan and Quick Scan in the Antimalware Enforcement Policy > Details page. Contextual scans can only be disabled from the Show icon in notification area option.

7.3.1 Agent Status Console

The Antimalware Agent Status Console is accessed by double-clicking the Antimalware Agent icon in the Windows notification area. The icon can also be added to the taskbar in Windows Taskbar settings. Accessing console features and console behavior is described below:

Icon

Description / Behavior

Antimalware Agent: Located in the Windows notification area. Opens the Agent Status Console. When the Agent Status Console is opened on a device, an Event Log displays scan and update activity in the console.

Antimalware Issue: If one or more issues are found from a scan, the Antimalware Agent icon is appended with a warning symbol.

Filter: Opens a flyout panel in the Agent Status Console where filter options can filter which type of events show in the Event Log.

Scans: Opens a flyout panel in the Agent Status Console where separate icons are provided to run Full, Quick, and Custom Scans, and to check for Antimalware Agent updates.

Modules: Opens the modules panel where action can be taken on quarantined files.

NOTE:One of the options for end users in the Agent Status Console is the View Log link associated with scans displayed in the console. When clicked, data is displayed in the console in expandable groupings that show more details. While the events will still display in the console once policy changes are refreshed on the device, the logs of all events that predate a policy change will no longer be accessible to the end user.

7.3.2 Postpone Reboot Option

If you have Postpone reboot enabled in the Antimalware Agent Update Schedule and Display restart notifications enabled in the Antimalware Agent Notifications configuration, users will be notified of and have the option to postpone any reboots required from Antimalware Agent updates.

7.3.3 Disabling the Show Icon Option

If you disable the Show icon in notification area option in the Antimalware Agent Notifications configuration and refresh devices with the Antimalware Agent installed or before deploying the Antimalware Enforcement Policy, all the options above will be hidden from end users. Additionally, users will not receive notifications from Antimalware Agent activity.

All the settings in the Antimalware Agent Notifications configuration have detailed descriptions which you can read for more information.