Define the rate of detection events for logging
This policy setting limits the rate at which detection events for network protection against exploits of known vulnerabilities will be logged. Logging will be limited to not more often than one event per the defined interval. The interval value is defined in minutes. The default interval is 60 minutes.
If you enable this setting, detection events will not be logged if there is more than one similar report (by definition GUID) in the specified number of minutes.
If you disable or do not configure this setting, detection events will be logged at the default rate.
Supported on: At least Windows Vista
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Microsoft\Microsoft Antimalware\NIS\Consumers\IPS |
| Value Name | ThrottleDetectionEventsRate |
| Value Type | REG_DWORD |
| Enabled Value | 1 |
| Disabled Value | 0 |
Define the rate of detection events for logging
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Microsoft\Microsoft Antimalware\NIS\Consumers\IPS |
| Value Name | ThrottleDetectionEventsRate |
| Value Type | REG_DWORD |
| Default Value | 60 |
| Min Value | 0 |
| Max Value | 10000000 |
systemcenterendpointprotection.admx
- System
- System Center Endpoint Protection
- Client Interface
- Exclusions
- Microsoft Active Protection Service (MAPS)
- Network Inspection System Exclusions
- Network Inspection System
- Quarantine
- Real-time Protection
- Configure local setting override for monitoring file and program activity on your computer
- Configure local setting override for monitoring for incoming and outgoing file activity
- Configure local setting override for scanning all downloaded files and attachments
- Configure local setting override for turn on behavior monitoring
- Configure local setting override for turn on script scanning
- Configure local setting override to turn off Intrusion Prevention System
- Configure local setting override to turn on real-time protection
- Configure monitoring for incoming and outgoing file and program activity
- Define the maximum size of downloaded files and attachments to be scanned
- Monitor file and program activity on your computer
- Scan all downloaded files and attachments
- Turn on behavior monitoring
- Turn on Information Protection Control
- Turn on network protection against exploits of known vulnerabilities
- Turn on process scanning whenever real-time protection is enabled
- Turn on raw volume write notifications
- Turn on real-time protection
- Turn on script scanning
- Remediation
- Reporting
- Configure time out for detections in critically failed state
- Configure time out for detections in non-critical failed state
- Configure time out for detections in recently remediated state
- Configure time out for detections requiring additional action
- Configure Watson events
- Configure Windows software trace preprocessor components
- Configure WPP tracing level
- Scan
- Allow users to pause scan
- Check for the latest virus and spyware definitions before running a scheduled scan
- Configure local setting override for maximum percentage of CPU utilization
- Configure local setting override for scheduled quick scan time
- Configure local setting override for scheduled scan time
- Configure local setting override for schedule scan day
- Configure local setting override for the scan type to use for a scheduled scan
- Create a system restore point
- Run full scan on mapped network drives
- Scan archive files
- Scan network files
- Scan packed executables
- Scan removable drives
- Specify the day of the week to run a scheduled scan
- Specify the interval to run quick scans per day
- Specify the maximum depth to scan archive files
- Specify the maximum percentage of CPU utilization during a scan
- Specify the maximum size of archive files to be scanned
- Specify the scan type to use for a scheduled scan
- Specify the time for a daily quick scan
- Specify the time of day to run a scheduled scan
- Start the scheduled scan only when computer is on but not in use
- Turn on catch-up full scan
- Turn on catch-up quick scan
- Turn on e-mail scanning
- Turn on heuristics
- Turn on removal of items from scan history folder
- Turn on reparse point scanning
- Signature Updates
- Allow definition updates from Microsoft Update
- Allow definition updates when running on battery power
- Allow notifications to disable definitions based reports to Microsoft Active Protection Service (MAPS).
- Allow real-time definition updates based on reports to Microsoft Active Protection Service (MAPS)
- Check for the latest virus and spyware definitions on startup
- Define the number of days after which a catch-up definition update is required
- Define the number of days before spyware definitions are considered out of date
- Define the number of days before virus definitions are considered out of date
- Define the order of sources for downloading definition updates
- Initiate definition update on startup
- Specify the day of the week to check for definition updates
- Specify the interval to check for definition updates
- Specify the time to check for definition updates
- Turn on scan after signature update
- Threats
- Allow antimalware service to remain running always
- Allow antimalware service to startup with normal priority
- Configure local administrator merge behavior for lists
- Define addresses to bypass proxy server
- Define proxy server for connecting to the network
- Randomize scheduled task times
- Turn on Potentially Unwanted Application (PUA) detection
- Turn on routine remediation
- Turn on spyware definitions
- Turn on threat file hash logging
- Turn on virus definitions
- System Center Endpoint Protection