dlpdeploy
Deploy the Data Protection module to clients after activating its license. After the deployment, clients will start to use Digital Asset Control and Device Control.
Important!
The Data Protection module only supports 32-bit platforms.
By default, the module is disabled on 32-bit versions of Windows Server 2003 and Windows Server 2008 to prevent impacting the performance of the host machine. If you want to enable the module, monitor the system’s performance constantly and take the necessary action when you notice a drop in performance.
You can enable or disable the module from the web console. For details, see Client Services.
If the Trend Micro Data Loss Prevention software already exists on the endpoint, OfficeScan will not replace it with the Data Protection module.
Only Device Control can be deployed to pure IPv6 clients. Digital Asset Control does not work on pure IPv6 clients.
Online clients install the Data Protection module immediately. Offline and roaming clients install the module when they become online.
Users must restart their computers to finish installing Digital Asset Control drivers. Inform users about the restart ahead of time.
Trend Micro recommends enabling debug logging to help you troubleshoot deployment issues. For details, see Data Protection Debug Logs.
To deploy the Data Protection module to clients:
Networked Computers > Client Management
Click the root domain icon 
to deploy the module to all existing and future clients.
Select a specific domain to deploy the module to all existing and future clients under the domain.
Select a specific client to deploy the module only to that client.
Deploy in two ways:
Click Settings > Digital Asset Control Settings.
OR
Click Settings > Device Control Settings.
If you deploy from Settings > Digital Asset Control Settings and the Data Protection module was deployed successfully, Digital Asset Control drivers will be installed. If the drivers are installed successfully, a message displays, informing users to restart their computers to finish installing the drivers.
If the message does not display, there might be problems installing the drivers. If you enabled debug logging, check the debug logs for details about driver installation problems.
A message displays, indicating the number of clients that have not installed the module. Click Yes to start the deployment.
If you click No (or if the module was not deployed to one or several clients for some reason), the same message displays when you click Settings > Digital Asset Control Settings or Settings > Device Control Settings again.
Clients start to download the module from the server.
Check if the module was deployed to clients.
In the client tree, select a domain.
In the client tree view, select Data protection view or View all.
Check the Data Protection Status column. The deployment status can be any of the following:
Running: The module was deployed successfully and its features have been enabled.
Requires restart: Digital Asset Control drivers have not been installed because users have not restarted their computers. If the drivers are not installed, Digital Asset Control will not be functional.
Stopped: The service for the module has not been started. Because the module is disabled by default on Windows Server 2003 and Windows Server 2008, the service will not automatically start after the deployment and will only start when you enable the module. For details on enabling the module, see Client Services.
If the service is running, it can be stopped by the user or the system if Client Self-protection is disabled. In this case, the client will report the same status.
Cannot install: There was a problem deploying the module to the client. You will need to re-deploy the module from the client tree.
Cannot install (unsupported platform): The module cannot be deployed because the client is installed on a 64-bit computer. The module can only be deployed to 32-bit computers.
Cannot install (Data Loss Prevention already exists): The Trend Micro Data Loss Prevention software already exists on the endpoint. OfficeScan will not replace it with the Data Protection module.
Not installed: The module has not been deployed to the client. This status displays if you chose not to deploy the module to the client or if the client’s status is offline or roaming during deployment.
See also: