Procedure

1. Navigate to Security Compliance → Outside Server Management.
2. On the Active Directory/IP Address Scope section, click Define. A new screen opens.
3. To define an Active Directory scope:
   1. Go to the Active Directory Scope section.
   2. Select Use on-demand assessment to perform real-time queries and get more accurate results. Disabling this option causes OfficeScan to query the database instead of each OfficeScan client. Querying only the database can be quicker but is less accurate.
   3. Select the objects to query. If querying for the first time, select an object with less than 1,000 accounts and then record how much time it took to complete the query. Use this data as your performance benchmark.
4. To define an IP address scope:
   1. Go to the IP Address Scope section.
   2. Select Enable IP Address Scope.
   3. Specify an IP address range. Click the plus or minus button to add or delete IP address ranges.
   • For a pure IPv4 OfficeScan server, type an IPv4 address range.
   • For a pure IPv6 OfficeScan server, type an IPv6 prefix and length.
   • For a dual-stack OfficeScan server, type an IPv4 address range and/or IPv6 prefix and length.
     The IPv6 address range limit is 16 bits, which is similar to the limit for IPv4 address ranges. The prefix length should therefore be between 112 and 128.

     Prefix Lengths and Number of IPv6 Addresses

     Length	Number of IPv6 Addresses
     128	2
     124	16
     120	256
     116	4,096
     112	65,536

5. Under Advanced Setting, specify ports used by OfficeScan servers to communicate with clients. Setup randomly generates the port number during OfficeScan server installation.
   To view the communication port used by the OfficeScan server, go to Networked Computers → Client Management and select a domain. The port displays next to the IP address column. Trend Micro recommends keeping a record of port numbers for your reference.
   1. Click Specify ports.
   2. Type the port number and click Add. Repeat this step until you have all the port numbers you want to add.
   3. Click Save.
6. To check a computer’s connectivity using a particular port number, select Declare a computer unreachable by checking port <x>. When connection is not established, OfficeScan immediately treats the computer as unreachable. The default port number is 135.
   Enabling this setting speeds up the query. When connection to a computer cannot be established, the OfficeScan server no longer needs to perform all the other connection verification tasks before treating a computer as unreachable.
7. To save the scope and start the query, click Save and re-assess. To save the settings only, click Save only. The Outside Server Management screen displays the result of the query.

   Note The query may take a long time to complete, especially if the query scope is broad. Do not perform another query until the Outside Server Management screen displays the result. Otherwise, the current query session terminates and the query process restarts.