Three short scans can be configured in the Virus and Spyware Protection policy.
Short Scans may be known as Defwatch Scan, Active Scan, Startup Scan, Quick Scan, Quarantine Scan, or File Cache Scan.
A scan will run when Symantec Endpoint Protection (SEP) is installed, definitions are updated, or when a user logs in. There are three locations in the Virus and Spyware Policy to configure these scans:
Administrator-Defined Scans > Advanced > Startup and Triggered Scans
There are check boxes to enable scanning when a user logs on and when definitions arrive.
Auto-Protect > Advanced tab > Additional Options > File Cache
There is a check box to enable the rescan of the file cache when new definitions arrive. Unchecking the rescan option will cause the cache to be cleared instead.
Quarantine > General tab > When New Virus Definitions Arrive
All options other than "Do Nothing" will trigger a scan of the files in quarantine.
These options are in all versions of SEP 14.x