SCEP: Have option to choose to scan at risk infectable files versus all files
Almost every AV product I have ever worked with gives the administrator/user a configuration choice to scan All Files or just "at risk" or "common" file types (real-time or scheduled scan). McAfee and Symantec products for example clearly have this option. I have found using that configuration simplifies configuration and reduces the likelihood of problems with performance or breaking other applications. For example if a vendor says "don't scan our X folder with AV" that problem is usually a non-issue if those file types in folder X are not in the list of "common" programs or "common" data file types.
i.e. only scan (scheduled or real-time) at-risk files like COM, BAT, CMD, DOC, DOC?, DOT, DOT?, EXE etc. etc. etc.
This feature is in almost very other AV product in existence. It saves admins like me hours and hours of time, as well as headaches or downtime for end users who stumble across issues caused by AV touching files we need to be excluding.
This is going to make our migration away from SEP to SCEP was more time consuming than I had hoped.