Configuring SpyNet reporting

Applies To: Forefront Client Security

When you edit or create a policy, use the Reporting tab to configure the level of SpyNet reporting in which the client computers protected by the policy will participate.

By default, a new policy includes basic SpyNet reporting. This is the recommended setting.

About SpyNet reporting

Client Security detects known malware and other potentially unwanted software. This includes software that has not yet been analyzed for risks and any changes made to your computer by that software. By joining the online Microsoft SpyNet community, you can see how other people have responded to alerts about software that has not yet been analyzed. Seeing how other people have responded can help you decide what to do. If you choose to participate, the actions that you take for these alerts are added to the community ratings to help other people.

New spyware is continually developed, so SpyNet ratings also help Microsoft determine which software to investigate. For example, if many people deny changes by software that has not yet been classified, Microsoft will analyze the software, determine if it is spyware, and if needed, update the Client Security definitions. Up-to-date definitions help Client Security detect the latest spyware threats and keep them from infecting your computer. Even if software is not spyware, Client Security alerts you if it detects that software is operating in a way that might be malicious or unwanted.

If you join Microsoft SpyNet, Client Security automatically sends information to Microsoft about spyware, potentially unwanted software, and software or changes by software that have not yet been analyzed for risks. The actions that are applied to the software are also reported to Microsoft. For more information about the information reported, see the Client Security Privacy Policy (https://go.microsoft.com/fwlink/?LinkId=83339).

By default, a new policy is configured to perform basic SpyNet reporting and to use Internet Explorer settings for proxy server settings.

To configure the level of SpyNet reporting

1. In the Client Security console, create or edit a policy. For information about how to create or edit a policy, see Creating, editing, copying, and deleting policies.

2. In the New Policy or Edit Policy dialog box, click the Reporting tab.

3. Under SpyNet, in the SpyNet Reporting list, select the level of reporting you want client computers to participate in:

   • Off—Disables participation in SpyNet.

   • Basic—Enables basic membership in SpyNet. Client Security sends basic information about detected items and the actions you apply. In some instances, personal information may be sent, but no information is used to contact users.

   • Advanced—Enables advanced membership in SpyNet. Client Security sends your choices and additional information about detected items. Your decisions regarding detected items can help Microsoft create new definitions and better detect malware. In some instances, personal information may be sent, but no information is used to contact users.

4. If you selected Basic or Advanced reporting, under Network connections to SpyNet, do one of the following:

   • Select Use Internet Explorer settings. If client computers do not need to use a proxy server, select this option.

   • Select Use other proxy server and port and type the server name and port number. For example, type proxyserver.contoso.com:8080.

5. After you finish creating or editing the policy, click OK.

6. To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.