dlptransc
Transmission scope and targets define data transmissions on network channels that OfficeScan must monitor. For transmissions that should be monitored, OfficeScan checks for the presence of digital assets before allowing or blocking the transmission. For transmissions that should not be monitored, OfficeScan will not check for the presence of digital assets and immediately allow the transmission.
OfficeScan monitors data transmitted outside the host computer.
Trend Micro recommends choosing this scope for external clients.
If you do not want to monitor data transmissions to certain targets outside the host computer, define the following:
Non-monitored targets: OfficeScan does not monitor data transmitted to these targets.
Data transmissions to non-monitored targets and to monitored targets where "Pass" is the action are similar in that the transmission is allowed. The only difference is that for non-monitored targets, OfficeScan does not log the transmission, whereas for monitored targets, the transmission is always logged.
Monitored targets: These are specific targets within the non-monitored targets that should be monitored. Monitored targets are:
Optional if you defined non-monitored targets.
Not configurable if you did not define non-monitored targets.
For example:
The following IP addresses are assigned to your company’s Legal Department:
10.201.168.1 to 10.201.168.25
You are creating a policy that monitors the transmission of Employment Certificates to all employees except the Legal Department’s full time staff. To do this, you would select All transmissions as the transmission scope and then:
Option 1:
Add 10.201.168.1-10.201.168.25 to the non-monitored targets.
Add the IP addresses of the Legal Department’s part-time staff to the monitored targets. Assume that there are 3 IP addresses, 10.201.168.21-10.201.168.23.
Option 2:
Add the IP addresses of the Legal Department’s full time staff to the monitored targets:
10.201.168.1-10.201.168.20
10.201.168.24-10.201.168.25
For guidelines on defining monitored and non-monitored targets, see Defining Monitored and Non-monitored Targets.
OfficeScan monitors data transmitted to any target outside the Local Area Network (LAN).
Trend Micro recommends choosing this scope for internal clients.
"Network" refers to the company or local network. This includes the current network (IP address of the endpoint and netmask) and the following standard private IP addresses:
Class A: 10.0.0.0 to 10.255.255.255
Class B: 172.16.0.0 to 172.31.255.255
Class C: 192.168.0.0 to 192.168.255.255
If you select this transmission scope, you can define the following:
Non-monitored targets: Define targets outside the LAN that you consider safe and therefore should not be monitored.
Data transmissions to non-monitored targets and to monitored targets where "Pass" is the action are similar in that the transmission is allowed. The only difference is that for non-monitored targets, OfficeScan does not log the transmission, whereas for monitored targets, the transmission is always logged.
Monitored targets: Define targets within the LAN that you want to monitor.
For guidelines on defining monitored and non-monitored targets, see Defining Monitored and Non-monitored Targets.
Follow these guidelines when defining monitored and non-monitored targets:
Define each target by:
IP address or address range
Host name
FQDN
Network address and subnet mask, such as 10.1.1.1/32
For the subnet mask, OfficeScan only supports a classless inter-domain routing (CIDR) type port. That means that you can only type a number like 32 instead of 255.255.255.0.
To target specific channels, include the default or company-defined port numbers for those channels. For example, port 21 is typically for FTP traffic, port 80 for HTTP, and port 443 for HTTPS. Use a colon to separate the target from the port numbers.
You can also include port ranges. To include all ports, ignore the port range.
Below are some examples of targets with port numbers and port ranges:
10.1.1.1:80
host:5-20
host.domain.com:20
10.1.1.1/32:20
Separate targets with commas.
If settings for transmission scope, monitored targets, and non-monitored targets conflict, OfficeScan recognizes the following priorities, in order of highest priority to lowest:
Monitored targets
Non-monitored targets
Transmission scope
See also: