Trend Micro Endpoint Encryption 5.0 Help

Collapse AllExpand All
  • "Log on as batch job" policy [1]
  • about
    • account types [1]
    • authentication [1]
    • client-server architecture [1]
    • Control Manager integration [1]
    • Encryption Management for Apple FileVault [1]
    • Encryption Management for Microsoft BitLocker [1]
    • Endpoint Encryption [1]
    • Endpoint Encryption Service [1]
    • File Encryption [1] [2]
    • FIPS [1]
    • Full Disk Encryption
      • Encryption Management for Apple FileVault [1]
      • Encryption Management for Microsoft BitLocker [1]
    • groups [1]
    • Legacy Web Service [1]
    • Maintenance Agreement [1]
    • OfficeScan [1]
    • PolicyServer [1] [2] [3]
    • PolicyServer MMC [1]
    • users [1]
    • widgets [1]
  • Accessibility
    • on-screen keyboard [1]
  • accounts
  • Active Directory [1] [2] [3] [4] [5]
  • agents [1]
  • agent tree [1] [2]
    • about [1]
    • specific tasks [1]
  • alerts [1]
  • appendices [1]
  • authentication [1]
  • authentication methods [1]
  • automatic deployment settings
    • Scheduled Download [1]
  • burning discs [1]
  • centrally managed [1]
  • central management [1] [2]
  • changing passwords [1]
  • changing setting permissions [1]
  • client-server architecture [1]
  • ColorCode [1] [2]
  • Command Line Helper [1] [2] [3]
  • Command Line Helper Installer [1]
  • community [1]
  • components
    • downloading [1]
  • configuring [1]
    • managed products [1]
    • Scheduled Download
      • automatic deployment settings [1]
    • Scheduled Download Exceptions [1]
    • Scheduled Download Settings [1]
    • user accounts [1]
  • configuring proxy settings
    • managed server list [1]
  • Control Manager [1] [2] [3] [4] [5]
  • Control Manager antivirus and content security components
    • Anti-spam rules [1]
    • Engines [1]
    • Pattern files/Cleanup templates [1]
  • copying policy settings [1]
  • creating
  • creating policies
    • centrally managed [1]
    • copying settings [1]
    • setting permissions [1]
  • CSV [1]
  • DAAutoLogin [1] [2] [3]
  • dashboard
  • data protection [1]
  • data recovery [1]
  • data views
    • understand [1]
  • Decrypt Disk [1]
  • decryption
    • Recovery Console [1]
  • deleting
  • deleting policies [1]
  • demilitarized zone [1]
  • deployment
  • deployment plans [1]
  • device [1]
  • devices [1] [2] [3] [4] [5]
  • Directory Management options [1]
  • Directory Manager [1]
  • domain authentication [1] [2]
    • File Encryption [1]
  • Download Center [1]
  • download components
  • downloading and deploying components [1]
  • draft policies [1]
  • editing managed servers [1]
  • editing policies [1] [2] [3]
  • encryption [1] [2]
    • archiving [1]
    • digital certificate [1]
    • features [1]
    • file and folder [1]
    • file encryption [1]
    • File Encryption
      • archive and burn [1]
    • FIPS [1]
    • fixed password key [1]
    • full disk [1]
    • hardware-based [1] [2]
    • keys
    • local key [1]
    • self-extracting [1]
    • software-based [1] [2]
  • Encryption Management for Apple FileVault
  • Encryption Management for Microsoft BitLocker
  • Endpoint Encryption
  • error messages
  • features [1]
  • File Encryption [1]
    • agent service [1]
    • archive [1]
    • archive and burn [1] [2]
    • authentication [1]
    • burn archive with certificate [1]
    • burn archive with fixed password [1]
    • change PolicyServer [1]
    • changing password [1]
    • changing PolicyServer [1]
    • digital certificate [1]
    • encryption [1]
    • file encryption [1]
    • first-time use [1]
    • fixed password key
    • local key [1] [2]
    • PolicyServer sync [1]
    • Remote Help [1] [2]
    • reset password [1] [2]
    • secure delete [1]
    • shared key [1]
    • single sign-on [1]
    • smart cards [1]
    • syncing with PolicyServer [1]
    • sync offline files [1]
    • tray icon
    • unlock device [1] [2]
  • filtered policies [1]
    • reordering [1]
  • FIPS
    • about [1]
    • FIPS 140-2 [1]
    • security levels [1]
  • fixed password [1]
  • folders
  • Full Disk Encryption [1]
    • agent service [1]
    • authentication [1] [2]
      • changing password [1]
    • change [1] [2]
    • change PolicyServer [1]
    • changing enterprises [1]
    • clean up files [1]
    • connectivity [1]
    • Decrypt Disk [1]
    • menu options [1]
    • network configuration [1]
    • Network Setup [1]
    • patching [1]
    • PolicyServer settings [1]
    • port settings [1]
    • Recovery Console [1]
      • manage policies [1]
      • manage users [1]
      • Windows [1]
    • recovery methods [1]
    • Remote Help [1] [2]
    • Self Help [1]
    • synchronize policies [1]
    • TCP/IP access [1]
    • tools [1]
    • uninstall [1]
    • Windows patches [1]
  • Full Disk Encryption Preboot [1]
    • authentication [1]
    • keyboard layout [1]
    • menu options [1]
    • network connectivity [1]
    • on-screen keyboard [1]
    • wireless connection [1]
  • groups [1] [2]
    • creating offline groups [1]
    • install to group [1]
    • modifying [1]
    • offline groups [1]
    • remove device [1] [2]
    • removing [1]
    • subgroups [1]
    • types [1]
  • help desk policies [1]
  • importing users [1]
  • key features [1]
  • LDAP [1]
  • LDAP Proxy [1] [2]
  • log events [1]
  • logs [1] [2] [3]
    • alerts [1]
    • managing events [1]
    • querying [1]
    • setting alerts [1]
  • maintenance [1]
  • Maintenance Agreement
  • managed products
    • configuring [1]
    • issue tasks [1]
    • recovering [1]
    • renaming [1]
    • searching for [1]
    • viewing logs [1]
  • managed server list [1]
    • configuring proxy settings [1]
    • editing servers [1]
  • manually download components [1]
  • MBR
    • replacing [1]
  • MCP [1] [2]
  • modifying
  • Network Setup [1]
  • OfficeScan
    • uninstalling agents [1]
  • online
    • community [1]
  • on-screen keyboard [1]
  • passwords [1] [2] [3]
    • change fixed password [1]
    • change method [1]
    • Remote Help [1]
    • resetting [1] [2] [3]
      • Active Directory [1]
      • Enterprise Administrator [1]
      • Enterprise Authenticator [1]
      • Group Administrator [1]
      • Group Authenticator [1]
      • user [1] [2]
    • resetting active directory [1]
    • resetting Enterprise Administrator/Authenticator [1]
    • resetting fixed password [1]
    • resetting Policy Administrator/Authenticator [1]
    • resetting to fixed password [1]
    • resetting user [1] [2]
    • Self Help [1]
  • pending targets [1]
  • Personal Identification Number (PIN) [1]
  • Plug-in Manager [1]
  • policies [1] [2]
  • policy
    • install devices [1]
  • policy control [1]
  • policy list [1] [2]
  • policy management [1]
    • centrally managed [1]
    • copying policy settings [1]
    • deleting policies [1]
    • draft policies [1]
    • editing managed servers [1]
    • editing policies [1] [2] [3]
    • filtered policies [1]
    • managed server list [1]
    • pending targets [1]
    • policy list [1] [2]
    • policy priority [1] [2]
    • reordering policies [1]
    • setting permissions [1]
    • specified policies [1]
    • targets [1]
    • understanding [1]
    • upgrading policy templates [1]
  • policy mapping
    • Control Manager [1]
    • PolicyServer [1]
  • policy priority [1]
  • PolicyServer
  • PolicyServer MMC [1]
  • policy settings
  • policy targets [1]
  • policy templates [1]
  • policy types
  • product components [1]
  • product definitions [1]
  • Product Directory
    • deploying components [1]
  • product overview [1]
  • proxy settings
    • managed server list [1]
  • query logs [1]
  • recovering
    • managed products [1]
  • recovery
    • clean up files [1]
  • recovery console
  • Recovery Console [1]
    • access [1]
    • changing enterprises [1]
    • changing PolicyServer [1] [2]
    • Decrypt Disk [1]
    • functions [1]
    • log on [1]
    • manage policies [1]
    • manage users [1]
    • Mount Partitions [1]
    • network configuration [1]
    • Network Setup [1]
    • recovery methods [1]
    • Repair CD [1]
    • Restore Boot [1]
    • users
    • view logs [1]
  • recovery methods [1]
  • registering
    • to Control Manager [1]
  • registration
  • Remote Help [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]
  • renaming
    • folders [1]
    • managed products [1]
  • Repair CD [1] [2] [3]
    • data recovery [1]
    • decryption [1]
  • reporting [1] [2]
  • reports [1] [2]
  • report templates [1]
  • Restore Boot [1]
  • schedule bar [1]
  • Scheduled Download
    • configuring
      • automatic deployment settings [1]
  • Scheduled Download Exceptions
    • configuring [1]
  • Scheduled Download Frequency
    • configuring [1]
  • Scheduled Downloads [1]
  • Scheduled Download Schedule
    • configuring [1]
  • Scheduled Download Schedule and Frequency [1]
  • Scheduled Download Settings
    • configuring settings [1]
  • searching
    • managed products [1]
  • security
    • account lock [1] [2]
    • account lockout action [1] [2]
    • account lockout period [1] [2]
    • anti-malware/antivirus protection [1]
    • device lock [1] [2]
    • erase device [1] [2]
    • failed login attempts allowed [1] [2]
    • remote authentication required [1] [2]
    • time delay [1] [2]
  • Self Help [1] [2] [3] [4]
    • answers [1]
    • defining answers [1]
    • password support [1]
  • setting permissions [1]
  • showing permissions [1]
  • smart card [1] [2] [3]
    • authentication [1]
  • smart cards [1] [2] [3]
  • specified policies [1]
  • SSO [1]
  • summary dashboard [1]
    • adding tabs [1]
    • deleting tabs [1]
    • modifying tabs [1]
    • tabs [1]
  • support
    • knowledge base [1]
    • resolve issues faster [1]
    • TrendLabs [1]
  • synchronization
    • File Encryption [1]
  • tabs
    • about [1]
    • deleting [1]
    • modifying [1]
    • summary dashboard [1]
  • targets [1]
  • terminology [1]
  • tokens [1] [2] [3]
  • tools
    • Command Line Helper [1]
    • DAAutoLogin [1]
    • Recovery Console [1]
    • Repair CD [1]
  • top group [1] [2]
  • TrendLabs [1]
  • Trend Micro Control Manager
    • managed product user access [1]
    • registering to [1]
  • trial license [1]
  • understand
    • data views [1]
    • deployment plans [1]
    • log queries [1]
    • logs [1]
  • understanding
    • Endpoint Encryption [1]
  • uninstalling
  • upgrading policy templates [1]
  • URLs
    • registration [1]
  • users [1] [2] [3] [4]
    • Active Directory passwords [1]
    • adding [1] [2]
    • adding existing user to group [1] [2] [3]
    • adding existing user to policy [1]
    • adding new user to group [1] [2] [3]
    • add new enterprise user [1] [2]
    • change default group [1]
    • change default policy [1]
    • finding [1]
    • group membership [1]
    • group vs enterprise changes [1]
    • import from AD [1] [2]
    • importing with CSV [1]
    • install to group [1]
    • install to policy [1]
    • lockout [1] [2]
    • modifying [1]
    • passwords [1] [2]
    • policy membership [1]
    • remove from group [1] [2]
    • remove user from policy [1]
    • restore deleted [1] [2] [3]
  • users and groups [1]
  • viewing
    • managed products logs [1]
  • widgets
    • adding [1]
    • adding tabs [1]
    • configuring [1]
    • customizing [1]
    • deleting [1]
    • description [1]
    • Endpoint Encryption [1]
    • Endpoint Encryption Device Lockout [1]
    • Endpoint Encryption Security Violations Report [1]
    • Endpoint Encryption Status [1]
    • Endpoint Encryption Unsuccessful Device Logon [1]
    • Endpoint Encryption Unsuccessful User Logon [1]
    • options [1]
    • understanding [1]
  • Windows patch management [1]

Product Directory Structure Recommendations Parent topic

Trend Micro recommends the following when planning your Product Directory structure for managed products and child servers:

Considerations when Grouping Managed Products or Child Servers

Structure
Description
Company network and security policies
If different access and sharing rights apply to the company network, group managed products and child servers according to company network and security policies.
Organization and function
Group managed products and child servers according to the company's organizational and functional division. For example, have two Control Manager servers that manage the production and testing groups.
Geographical location
Use geographical location as a grouping criterion if the location of the managed products and child servers affects the communication between the Control Manager server and its managed products or child servers.
Administrative responsibility
Group managed products and child servers according to system or security personnel assigned to them. This allows group configuration.
The Product Directory provides a user-specified grouping of managed products which allows you to perform the following for administering managed products:
  • Configuring managed products
  • Request products to perform a Scan Now (if this command is supported)
  • View product information, as well as details about its operating environment (for example, product version, pattern file and scan engine versions, operating system information, and so on)
  • View product-level logs
  • Deploy virus pattern, scan engine, anti-spam rule, and program updates
Plan this structure carefully, because the structure also affects the following:

Considerations for the Structure

Consider
Effect
User access
When creating user accounts, Control Manager prompts for the segment of the Product Directory that the user can access. For example, granting access to the root segment grants access to the entire directory. Granting access to a specific managed product only grants access to that specific product.
Deployment planning
Control Manager deploys update components (for example, virus pattern files, scan engines, anti-spam rules, program updates) to products based on Deployment Plans. These plans deploy to Product Directory folders, rather than individual products. A well-structured directory therefore simplifies the designation of recipients.
Outbreak Prevention Policy (OPP) and Damage Control Template (DCT) deployments
OPP and DCT deployments depend on Deployment Plans for efficient distribution of Outbreak Prevention Policy and cleanup tasks.

Managed Product Icons

Icon
Description
eman.gif
InterScan eManager
osce.gif
OfficeScan Corporate Edition
spnt.gif
ServerProtect Information Server
domain.GIF
ServerProtect Domain
NT.gif
ServerProtect for Windows (Normal Server)
NW.gif
ServerProtect for NetWare (Normal Server)
imss.gif
InterScan Messaging Security Suite
iwss.gif
InterScan Web Security Suite
isnt.gif
InterScan VirusWall for Windows
isux.gif
InterScan VirusWall for UNIX
smex-2.gif
ScanMail for Microsoft Exchange
smln.gif
ScanMail for Lotus Notes
nvw_icon.gif
Network VirusWall
netscreen_fw-2.gif
NetScreen Global PRO Firewall
mp_active.gif
Managed Product connection status icon
Arrange the Product Directory using the Directory Manager. Use descriptive folder names to group your managed products according to their protection type or the Control Manager network administration model.