Trend Micro, Inc.
Trend Micro Apex One™
This readme file is current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates at https://docs.trendmicro.com/en-us/enterprise/apex-one.aspx.
Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation, or online at http://olr.trendmicro.com.
Trend Micro always seeks to improve its documentation. Your feedback is always welcome. Please evaluate this documentation on the following site: http://docs.trendmicro.com/en-us/survey.aspx.
1. About Trend Micro Apex One
Trend Micro Apex One™ protects enterprise networks from malware, network viruses, web-based threats, spyware, and mixed threat attacks. An integrated solution, Apex One consists of the Security Agent program that resides at the endpoint and a server program that manages all agents. The Security Agent guards the endpoint and reports its security status to the server. The server, through the web-based management console, makes it easy to set coordinated security policies and deploy updates to every Security Agent.
Apex One is powered by the Trend Micro Smart Protection Network™, a next generation cloud-client infrastructure that delivers security that is smarter than conventional approaches. Unique in-the-cloud technology and a lighter-weight agent reduce reliance on conventional pattern downloads and eliminate the delays commonly associated with desktop updates. Businesses benefit from increased network bandwidth, reduced processing power, and associated cost savings. Users get immediate access to the latest protection wherever they connect—within the company network, from home, or on the go.
For more information, go to:
Back to top
2. What's New
Apex One includes the following new features and enhancements:
Offline Predictive Machine Learning
Predictive Machine Learning has been upgraded to provide offline protection against portable executable files. The lightweight, offline model helps protect all endpoints against unknown threats when a functional Internet connection is unavailable.
Fileless Attack Protection
Security Agent policies provide increased real-time protection against the latest fileless attack methods through enhanced memory scanning for suspicious process behaviors. Security Agents can terminate suspicious processes before any damage can be done.
Off-premises Security Agent Protection
Enhanced Edge Relay Server support allows for increased communication between the Apex One server and off-premises Security Agents. Security Agents can receive updated policy settings from the Apex One server even when a direct connection to the server is unavailable.
The OfficeScan server and OfficeScan agent programs have been rebranded to the Apex One server and Security Agent respectively. The new Apex One server integrates with Apex Central (formerly Trend Micro Control Manager) to provide increased protection against security risks. The all-in-one Security Agent program continues to provide superior protection against malware and data loss but also allows you implement Application Control, Endpoint Sensor, and Vulnerability Protection policies without having to install and maintain multiple agent programs.
Back to top
3. Document Set
The document set for the Apex One server includes:
Download the latest versions of the PDF documents and readme at https://docs.trendmicro.com/en-us/enterprise/apex-one.aspx.
Back to top
4. System Requirements
Apex One supports the following web browsers:
The Apex One Security Agent can be installed on endpoints running Microsoft Windows platforms. The Security Agent is also compatible with various third-party products.
Visit the following website for a complete list of system requirements and compatible third-party products:
Size of Deployment Package
Note: All of the following deployment package sizes are for packages that do not include the Data Protection feature.
For the fully-functional Security Agent MSI Setup Package:
For the coexist Security Agent MSI Setup Package:
Visit the following website for a complete list of system requirements:
Back to top
See the Installation and Upgrade Guide for instructions on:
For Security Agent installation instructions, refer to the Administrator's Guide.
Back to top
6. Known Issues
The following are the known issues related to the Apex One server and Security Agents in this release:
Server Installation, Upgrade, and Uninstallation
The Apex One web console and all OfficeScan services cannot be accessed if the Apex One server was installed on Windows Server 2012, or Windows Server 2012 R2 before joining a domain. To resolve the issue:
Go to Control Panel > System and Security > Windows Firewall > Advanced settings.
Click Inbound Rules. Allow access to all required File and Printer Sharing rules.
Click Inbound Rules > New Rule... > Port.
Add the following port exceptions:
When the Apex One server is installed to a disk using the FAT32 file system, role-based logon to the Apex One web console does not work.
Trend Micro Mobile Security is a standalone program and has no longer been supported as a plug-in program since OfficeScan 11.0. To continue using Mobile Security, Trend Micro recommends upgrading to the standalone version 9.0. For detailed migration steps, see http://esupport.trendmicro.com/solution/en-US/1098095.aspx.
When upgrading to the Apex One server from a previous OfficeScan version using a Virtual IIS website, the IIS website is removed and rebuilt, resetting all IIS settings to default values.
Agent Installation and Upgrade
You are unable to migrate OfficeScan XG SP1 agents to the Apex One server successfully if the agents used the GlobalSettings.ini "ASE=0" setting to force an HTTP connection with the previous OfficeScan server.
To resolve this issue, modify the GlobalSettings.ini ASE value to "1" and deploy to all agents on the OfficeScan XG SP1 server before migrating agents to the Apex One server.
The Common Client Solution Framework service may not start if “Microsoft Visual C++ 2017 Redistributable” was not installed successfully.
To resolve this issue, ensure that you install the following Windows update to properly install Microsoft Visual C++ 2017 Redistributable:
Security Agents running on Windows Server 2016 platforms cannot report security statuses to Windows Security Center because Windows Server 2016 does not provide the Windows Security Center service. If Windows Defender is enabled on Windows Server 2016 with the Security Agent installed, performance issues may occur. Trend Micro recommends disabling Windows Defender before installing the Security Agent.
A Microsoft Hyper-V virtual machine might not be able to start if the host computer has Security Agent installed. This is because the Security Agent and Hyper-V virtual machine accesses the same Hyper-V xml file and causes file access violation. As a workaround:
In a Citrix environment, when the Security Agent detects a security risk during a particular user session, the notification message for the security risk displays on all active user sessions.
Security risk can be any of the following:
Data Loss Prevention
Apex One Firewall
When the security level on a Citrix server is medium or high, perform the following steps:
If you enable the option Check HTTPS URLs in a Web Reputation policy, select the option Enable third-party browser extensions in Internet Explorer. If this option is disabled, agents will not be able to check the reputation of HTTPS websites.
Agents can browse blocked sites if using Juniper Networks VPN and proxy servers to connect to the Internet. To resolve this issue:
Predictive Machine Learning
Cloud Synchronization Channel Support
Apex Central Integration
Additional Release Notes
Back to top
7. Contact Information
A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees.
Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.
Back to top
8. About Trend Micro
Smart, simple, security that fits
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information
Copyright 2019, Trend Micro Incorporated. All rights reserved.
Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners.
Back to top
9. License Agreement
Information about your license agreement with Trend Micro can be viewed at http://us.trendmicro.com/us/about/company/user_license_agreements/.
License Attributions can be viewed from the Apex One web console.
Back to top