Knowledge Base

Asset Management Policies

Setting up policies for TeamViewer Asset Management determines how the Patch Management service will deploy available patches. Patch Management deploys both third-party and system updates automatically and is available for both Windows and macOS.

All Operating Systems

• Patch exclusions - Specify which applications you do not want to be updated. Can exclude entire applications or specific versions.

Learn More about supported Third-Party apps

• Reboot setting - Determine if devices will reboot after patch deployment, when necessary.
• Notifications - Set email notifications for when deployments are successful or failed.
• Condition to organize scheduled patching - determine what patches will be deployed and when. Scheduling can be When available, Daily, Weekly, or Monthly. Criteria are based on:
  • Vendor severity: Critical, Important, Low, or Not rated
  • Patch classification: Operating system or Third Party
  • Patch type: Security or Non-security

  Note: It is possible to create multiple rules based on varied conditions.
  

Windows

• Bandwidth throttling - Sets the threshold for the amount of available bandwidth provided to Patch Management. Thresholds set in a specified time-frame.

Endpoint Protection Policies

Setting up policies for TeamViewer Endpoint Protection determines how your devices are scanned and protected against malware. TeamViewer Endpoint Protection provides protection for devices running Windows, macOS, and Linux.

General settings

• Show Malwarebytes icon in notifications area
• Allow users to run a threat scan

Hint: All threats will be quarantined automatically

• Display real-time protection notifications
• Automatic updates (Windows only)

Hint: Automatic software updates are always enabled for macOS.

• Pause software updates (Windows only)

Note: Software updates can be paused for up to 31 days. Updates will automatically resume after 31 days.

Windows settings

SCAN OPTIONS

• Scan for rootkits: Rootkits are files stored on your computer's local disk drives that are invisible to the operating system and may influence system behavior
• Scan within archives: Scans of archive file types, such as zip, 7z, rar, cab, and msi, are scanned up to two levels deep. Password-protected archives cannot be tested.
• Use signature-less anomaly detection: Utilizes a signature-less malware detection component that relies on intelligent algorithms and machine learning to detect new, unknown/never-before-seen threats.
• Use expert system algorithms: Supplement existing detection methods by using expert system algorithms to identify malicious files.
• Potentially unwanted programs (PUPs): Treat detections as malware or ignore
• Potentially unwanted modifications (PUMs): Treat detections as malware or ignore

Note: PUP and PUM settings apply to threat scans, hyper scans, and real-time protection events.

REAL-TIME PROTECTION SETTINGS

• Prevent connections to malicious/compromised websites
• Prevent vulnerability exploits/zero-day attacks
• Prevent malware infections
• Detect and block malware based on behavior analysis

MISCELLANEOUS PROTECTION OPTIONS

• Protect Malwarebytes from targeted threats

macOS settings

• Potentially unwanted programs (PUPs) - Treat detections as malware or ignore

Note: PUP settings apply to threat scans, hyper scans, and real-time protection events.

• Prevent malware infections
• Prevent execution of apps originating from known bad developers

Linux settings

• Prevent malware infections

Endpoint Detection and Response Policies

Endpoint Detection and Response (EDR) is a form of endpoint protection that uses data collected from devices to understand how cyber threats behave and how organizations respond to them. The following settings determine how EDR works and interacts with your endpoints.

WINDOWS

• Suspicious activity monitoring: Protects your devices by observing the behaviors of various processes and files to look for deviations from normal activity.
  
• Aggressive mode: Protects your devices by using a tighter threshold for flagging suspicious processes.
  
• Network events: Collects history of network events for suspicious activity monitoring.
  
• Server operating system monitoring
• Lock endpoint when isolated
• Ransomware rollback: Remediates damage done to your Windows endpoints by ransomware. Ransomware Rollback uses a unique restore process to reverse the damage done by threats.

macOS

• Suspicious activity monitoring: Protects your devices by observing the behaviors of various processes and files to look for deviations from normal activity.
  
• Network events: Collects history of network events for suspicious activity monitoring.
• Lock endpoint when isolated

Backup Policies

Setting up policies for TeamViewer Backup will determine what files and folders are backed up on your endpoints and how often the backups occur. TeamViewer Backup is available for Windows and macOS devices.

File Selection

Determine the level of backup required:

Hint: To see exclusions or included file types, click the blue "i" icon to the right of each option inside the policy.

• Full Selection - All Windows drives/macOS users folders will be backed up. Some exclusions apply
• Quick Selection - Specific filetypes are included, broken into four categories:
  • Office files
  • PDFs/ebooks
  • Emails
  • Pictures
• Advanced Selection - Specified disks, files, or folders are backed up

Manage exclusions

Specify which disks, files, or folders that should be excluded from backups.

Backup schedule

Specify when/how often the backup should occur. Backup can be run in intervals (every 30 minutes - 8 hours), or on a schedule (Every day/specific days and what time).

Bandwidth throttling

Sets the threshold for the amount of available bandwidth provided to TeamViewer Backup. Thresholds are set in a specified time frame and max bandwidth.

Notifications

Enable/disable email notifications for when backups fail, or restores are successful.