Smart Protection Source List

Clients send queries to smart protection sources when scanning for security risks and determining a website’s reputation.

IPv6 Support for Smart Protection Sources

A pure IPv6 client cannot send queries directly to pure IPv4 sources, such as:

Smart Protection Server 2.0 (integrated or standalone)

IPv6 support for Smart Protection Server starts in version 2.5.

Trend Micro Smart Protection Network

Similarly, a pure IPv4 client cannot send queries to pure IPv6 Smart Protection Servers.

A dual-stack proxy server that can convert IP addresses, such as DeleGate, is required to allow clients to connect to the sources.

Smart Protection Sources and Computer Location

The smart protection source to which the client connects depends on the client computer’s location.

For details on configuring location settings, see Computer Location.

Smart Protection Sources by Location

Location

Smart Protection Sources

External

External clients send scan and web reputation queries to Trend Micro Smart Protection Network.

Internal

Internal clients send scan and web reputation queries to Smart Protection Servers or Trend Micro Smart Protection Network.

If you have installed Smart Protection Servers, configure the smart protection source list on the OfficeScan web console. An internal client picks a server from the list if it needs to make a query. If a client is unable to connect to the first server, it picks another server on the list.

Assign a standalone Smart Protection Server as the primary scan source and the integrated server as a backup. This reduces the traffic directed to the computer that hosts the OfficeScan server and integrated server. The standalone server can also process more queries.

You can configure either the standard or custom list of smart protection sources. The standard list is used by all internal clients. A custom list defines an IP address range. If an internal client’s IP address is within the range, the client uses the custom list.

To configure the standard list of smart protection sources:

Smart Protection > Smart Protection Sources

Click the Internal Clients tab.

Select Use the standard list (list will be used by all internal clients).

Click the standard list link. A new screen opens.

Click Add. A new screen opens.

Specify the Smart Protection Server’s host name or IPv4/IPv6 address. If you specify an IPv6 address, enclose it in parentheses.

Specify the host name if there are IPv4 and IPv6 clients connecting to the Smart Protection Server.

Select File Reputation Services.

Clients send scan queries using the HTTP or HTTPS protocol. HTTPS allows for a more secure connection while HTTP uses less bandwidth.

If you want clients to use HTTP, type the server’s listening port for HTTP requests. If you want clients to use HTTPS, select SSL and type the server’s listening port for HTTPS requests.
Click Test Connection to check if connection to the server can be established.

The listening ports form part of the server address. To obtain the server address:

For the integrated server, open the OfficeScan web console and go to Smart Protection > Integrated Server.

For the standalone server, open the standalone server's console and go to the Summary screen.

Select Web Reputation Services.

Clients send web reputation queries using the HTTP protocol. HTTPS is not supported.

Type the server’s listening port for HTTP requests.
Click Test Connection to check if connection to the server can be established.

Click Save. The screen closes.

Add more servers by repeating the previous steps.

On top of the screen, select Order or Random.

Order: Clients pick servers in the order in which they appear on the list. If you select Order, use the arrows under the Order column to move servers up and down the list.
Random: Clients pick servers randomly.
Because the integrated Smart Protection Server and the OfficeScan server run on the same computer, the computer’s performance may reduce significantly during peak traffic for the two servers. To reduce the traffic directed to the OfficeScan server computer, assign a standalone Smart Protection Server as the primary smart protection source and the integrated server as a backup source.

Perform miscellaneous tasks in the screen.

If you have exported a list from another server and want to import it to this screen, click Import and locate the .dat file. The list loads on the screen.
To export the list to a .dat file, click Export and then click Save.
To refresh the service status of servers, click Refresh.
Click the server name to do one of the following:
To view or edit server information.
View the full server address for Web Reputation Services or File Reputation Services.
To open the console of a Smart Protection Server, click Launch console.
For the integrated Smart Protection Server, the server’s configuration screen displays.
For standalone Smart Protection Servers and the integrated Smart Protection Server of another OfficeScan server, the console logon screen displays.
To delete an entry, select the check box for the server and click Delete.

Click Save. The screen closes.

Click Notify All Clients.

To configure custom lists of smart protection sources:

Smart Protection > Smart Protection Sources

Click the Internal Clients tab.

Select Use custom lists based on client IP addresses.

(Optional) Select Use the standard list when all servers on the custom lists are unavailable.

Click Add. A new screen opens.

In the IP range section, specify an IPv4 or IPv6 address range, or both.

Clients with an IPv4 address can connect to pure IPv4 or dual-stack Smart Protection Servers.

Clients with an IPv6 address can connect to pure IPv6 or dual-stack Smart Protection Servers.

Clients with both IPv4 and IPv6 addresses can connect to any Smart Protection Server.

In the Proxy Setting section, specify proxy settings clients will use to connect to the Smart Protection Servers.

Select Use a proxy server for client and Smart Protection Server communication.
Specify the proxy server name or IPv4/IPv6 address, and port number.
If the proxy server requires authentication, type the user name and password and then confirm the password.

In the Custom Smart Protection Server List, add the Smart Protection Servers.

Specify the Smart Protection Server’s host name or IPv4/IPv6 address. If you specify an IPv6 address, enclose it in parentheses.

Specify the host name if there are IPv4 and IPv6 clients connecting to the Smart Protection Server.

Select File Reputation Services.

Clients send scan queries using the HTTP or HTTPS protocol. HTTPS allows for a more secure connection while HTTP uses less bandwidth.

If you want clients to use HTTP, type the server’s listening port for HTTP requests. If you want clients to use HTTPS, select SSL and type the server’s listening port for HTTPS requests.
Click Test Connection to check if connection to the server can be established.

The listening ports form part of the server address. To obtain the server address:

For the integrated server, open the OfficeScan web console and go to Smart Protection > Integrated Server.

For the standalone server, open the standalone server's console and go to the Summary screen.

Select Web Reputation Services.

Clients send web reputation queries using the HTTP protocol. HTTPS is not supported.

Type the server’s listening port for HTTP requests.
Click Test Connection to check if connection to the server can be established.

Click Add to the List.
Add more servers by repeating the previous steps.
Select Order or Random.

Order: Clients pick servers in the order in which they appear on the list. If you select Order, use the arrows under the Order column to move servers up and down the list.
Random: Clients pick servers randomly.
Because the integrated Smart Protection Server and the OfficeScan server run on the same computer, the computer’s performance may reduce significantly during peak traffic for the two servers. To reduce the traffic directed to the OfficeScan server computer, assign a standalone Smart Protection Server as the primary smart protection source and the integrated server as a backup source.

Perform miscellaneous tasks in the screen.

To refresh the service status of servers, click Refresh.
To open the console of a Smart Protection Server, click Launch console.
For the integrated Smart Protection Server, the server’s configuration screen displays.
For standalone Smart Protection Servers and the integrated Smart Protection Server of another OfficeScan server, the console logon screen displays.
To delete an entry, click the trash bin icon .

Click Save. The screen closes.

The list you just added appears as an IP range link under the IP Range table.

Repeat step 4 to step 8 to add more custom lists.

Perform miscellaneous tasks in the screen.

To modify a list, click the IP range link and then modify the settings in the screen that opens.
To export the list to a .dat file, click Export and then click Save.
If you have exported a list from another server and want to import it to this screen, click Import and locate the .dat file. The list loads on the screen.

Click Notify All Clients.