OfficeScan 10.6 SP1 Online Help

Collapse AllExpand All
  • Access Control Server (ACS) [1]
  • ACS certificate [1]
  • action on monitored system events [1]
  • actions
    • Data Loss Prevention [1]
  • ActiveAction [1]
  • Active Directory [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11]
    • client grouping [1]
    • credentials [1]
    • custom client groups [1]
    • duplicate structure [1]
    • integration [1]
    • outside server management [1]
    • role-based administration [1]
    • scope and query [1]
    • synchronization [1] [2]
  • ActiveSync [1]
  • ActiveX malicious code [1]
  • Additional Service Settings [1] [2]
  • advanced permissions
  • application filtering [1]
  • approved list [1]
  • approved programs list [1]
  • assessment mode [1]
  • Authentication, Authorization, and Accounting (AAA) [1]
  • automatic client grouping [1] [2]
  • AutoPcc.exe [1] [2] [3] [4] [5]
  • Behavior Monitoring [1]
    • action on system events [1]
    • exception list [1]
    • logs [1]
  • Behavior Monitoring Configuration Pattern [1]
  • Behavior Monitoring Core Service [1]
  • Behavior Monitoring Detection Pattern [1]
  • Behavior Monitoring Driver [1]
  • blocked programs list [1]
  • boot sector virus [1]
  • CA certificate [1] [2]
  • cache settings for scans [1]
  • Case Diagnostic Tool [1]
  • Certificate Authority (CA) [1]
  • certificates [1]
  • Certified Safe Software List [1]
  • Certified Safe Software Service [1]
  • Check Point SecureClient [1]
  • Cisco NAC
    • architecture [1]
    • components and terms [1]
    • policy server deployment [1]
  • Cisco Trust Agent [1] [2]
  • client console
    • access restriction [1]
  • client disk image [1] [2]
  • client grouping [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17]
  • client installation [1] [2]
    • browser-based [1]
    • Client Packager [1]
    • from the web console [1]
    • from the web install page [1]
    • Login Script Setup [1]
    • post-installation [1]
    • system requirements [1]
    • using client disk image [1]
    • using Security Compliance [1]
    • using Vulnerability Scanner [1]
  • client logs
    • ActiveUpdate logs [1]
    • client connection logs [1]
    • client update logs [1]
    • Damage Cleanup Services logs [1]
    • Data Protection debug logs [1] [2]
    • debug logs [1]
    • fresh installation logs [1]
    • Mail Scan logs [1]
    • OfficeScan firewall debug logs [1]
    • Outbreak Prevention debug logs [1]
    • TDI debug logs [1]
    • upgrade/hot fix logs [1]
    • web reputation debug logs [1]
  • client mover [1]
  • Client Packager [1] [2] [3] [4] [5]
  • clients [1] [2] [3] [4] [5] [6] [7]
  • client security level [1]
  • client self-protection [1]
  • client tree [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12]
  • client uninstallation [1]
  • client update
    • automatic [1]
    • customized source [1]
    • event-triggered [1]
    • from the ActiveUpdate server [1]
    • manual [1]
    • privileges [1]
    • scheduled update [1] [2]
    • scheduled update with NAT [1]
    • standard source [1]
  • client upgrade
  • client validation [1]
  • COM file infector [1]
  • Common Firewall Driver [1] [2] [3] [4]
  • Common Firewall Pattern [1]
  • Compliance Report [1]
  • component duplication [1] [2]
  • components [1] [2] [3]
    • on the client [1]
    • on the OfficeScan server [1]
    • on the Update Agent [1]
    • update privileges and settings [1]
    • update summary [1]
  • compressed files [1] [2] [3]
  • condition statements [1]
  • Conflicted ARP [1]
  • connection verification [1]
  • contacting [1] [2] [3] [4] [5] [6] [7] [8]
  • continuity of protection [1]
  • Control Manager
    • integration with OfficeScan [1]
    • MCP Agent logs [1]
  • conventional scan [1] [2]
    • switching to smart scan [1]
  • cookie scanning [1]
  • CPU usage [1]
  • criteria
    • customized expressions [1]
    • keywords [1]
  • custom client groups [1] [2]
  • customized expressions [1] [2] [3]
  • customized keywords [1]
  • customized templates [1]
  • Damage Cleanup Services [1] [2]
  • dashboards
  • database backup [1]
  • database scanning [1]
  • data identifiers [1]
    • expressions [1]
    • file attributes [1]
    • keywords [1]
  • Data Loss Prevention [1] [2] [3] [4]
  • Data Loss Prevention:decompression rules;decompression rules;compressed files:decompression rules [1]
  • Data Loss Prevention:system and application channels;system and application channels;system and application channels:PGP encryption [1]
  • Data Protection
    • deployment [1]
    • installation [1]
    • license [1]
    • status [1]
    • uninstallation [1]
  • debug logs
  • device control [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12]
  • Device Control [1]
  • device control;device control list;device control list:adding programs [1]
  • Device List Tool [1]
  • DHCP settings [1]
  • Digital Asset Control
  • digital certificates [1]
  • digital signature cache [1]
  • Digital Signature Pattern [1] [2]
  • Digital Signature Provider [1]
    • specifying [1]
  • documentation [1]
  • documentation feedback [1]
  • domains [1] [2] [3] [4] [5]
  • DSP [1]
  • EICAR test script [1] [2]
  • email domains [1]
  • encrypted files [1]
  • End User License Agreement (EULA) [1]
  • evaluation version [1]
  • Event Monitoring [1]
  • exception list [1]
    • Behavior Monitoring [1]
  • EXE file infector [1]
  • export settings [1]
  • expressions [1] [2]
  • external device protection [1]
  • external devices
  • FakeAV [1]
  • file attributes [1] [2] [3] [4]
  • file reputation [1] [2]
  • firewall [1] [2]
  • firewall log count [1]
  • Fragmented IGMP [1]
  • FTP [1]
  • gateway IP address [1]
  • gateway settings importer [1]
  • hot fixes [1] [2]
  • HTML virus [1]
  • HTTP and HTTPS [1]
  • IDS [1]
  • IM applications [1]
  • import settings [1]
  • inactive clients [1]
  • incremental pattern [1]
  • installation [1]
    • client [1]
    • Data Protection [1]
    • Plug-in Manager [1]
    • plug-in program [1]
    • Policy Server [1]
    • Security Compliance [1]
  • integrated server [1]
  • integrated Smart Protection Server [1]
  • IntelliScan [1]
  • IntelliTrap Exception Pattern [1]
  • IntelliTrap Pattern [1]
  • intranet [1]
  • Intrusion Detection System [1]
  • IPv6 [1]
  • IPv6 support [1]
    • displaying IPv6 addresses [1]
    • limitations [1] [2]
  • IpXfer.exe [1]
  • Java malicious code [1]
  • JavaScript virus [1]
  • joke program [1]
  • keywords [1] [2]
  • Knowledge Base [1]
  • LAND Attack [1]
  • licenses [1]
    • Data Protection [1]
    • status [1]
  • location awareness [1]
  • locations [1]
    • awareness [1]
  • logical operators [1]
  • Login Script Setup [1] [2] [3] [4] [5]
  • logs [1]
    • about [1]
    • Behavior Monitoring [1]
    • client update logs [1]
    • connection verification logs [1]
    • Device Control logs [1]
    • firewall logs [1] [2] [3]
    • scan logs [1]
    • security risk logs [1]
    • spyware/grayware logs [1]
    • spyware/grayware restore logs [1]
    • system event logs [1]
    • virus/malware logs [1] [2]
    • web reputation logs [1]
  • LogServer.exe [1] [2]
  • MAC address [1]
  • macro virus [1]
  • mail scan [1] [2] [3]
  • Malware Behavior Blocking [1]
  • manual client grouping [1] [2]
  • Manual Scan [1]
  • Microsoft Exchange Server scanning [1]
  • Microsoft SMS [1] [2]
  • migration
    • from ServerProtect Normal Servers [1]
    • from third-party security software [1]
  • monitored email domains [1]
  • monitored system events [1]
  • monitored targets [1] [2]
  • MSI package [1] [2] [3] [4]
  • NetBIOS [1]
  • Network Access Device [1]
  • network channels [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13]
    • email clients [1]
    • FTP [1]
    • HTTP and HTTPS [1]
    • IM applications [1]
    • monitored targets [1] [2]
    • non-monitored targets [1] [2]
    • SMB protocol [1]
    • transmission scope [1]
      • all transmissions [1]
      • conflicts [1]
      • external transmissions [1]
    • transmission scope and targets [1]
    • webmail [1]
  • network virus [1] [2]
  • Network VirusWall Enforcer [1]
  • new features [1]
  • non-monitored email domains [1]
  • non-monitored targets [1] [2]
  • non-storage devices
    • permissions [1]
  • notifications
    • client update [1]
    • computer restart [1]
    • Device Control [1]
    • firewall violations [1]
    • for administrators [1] [2]
    • for client users [1] [2]
    • outbreaks [1] [2]
    • outdated Virus Pattern [1]
    • spyware/grayware detection [1]
    • virus/malware detection [1] [2]
    • web threat detection [1]
  • OfficeScan
    • about [1]
    • client [1]
    • client services [1]
    • components [1] [2]
    • component update [1]
    • database backup [1]
    • database scanning [1]
    • documentation [1]
    • key features and benefits [1]
    • licenses [1]
    • logs [1]
    • programs [1]
    • SecureClient integration [1]
    • terminology [1]
    • web console [1]
    • web server [1]
  • OfficeScan client
    • connection with OfficeScan server [1] [2]
    • connection with Smart Protection Server [1] [2]
    • detailed client information [1]
    • files [1]
    • import and export settings [1]
    • inactive clients [1]
    • installation methods [1]
    • processes [1]
    • registry keys [1]
    • reserved disk space [1]
    • uninstallation [1]
  • OfficeScan server [1]
    • functions [1]
  • OfficeScan update [1]
  • on-demand scan cache [1]
  • outbreak criteria [1] [2]
  • outbreak prevention [1]
  • outbreak prevention policy
    • block ports [1]
    • deny write access [1]
    • limit/deny access to shared folders [1]
  • outside server management [1] [2]
    • logs [1]
    • query results [1]
    • scheduled query [1]
  • Overlapping Fragment [1]
  • packer [1]
  • password [1]
  • patches [1]
  • pattern files
    • smart protection [1]
    • Smart Scan Agent Pattern [1]
    • Smart Scan Pattern [1]
    • Web Blocking List [1]
  • PCRE [1]
  • performance control [1]
  • Performance Tuning Tool [1]
  • Perle Compatible Regular Expressions [1]
  • permissions
    • advanced [1]
    • non-storage devices [1]
    • program path and name [1]
    • storage devices [1]
  • phishing [1]
  • Ping of Death [1]
  • Plug-in Manager [1] [2] [3]
    • installation [1]
    • managing native OfficeScan features [1]
    • troubleshooting [1]
    • uninstallation [1]
  • plug-in program
    • installation [1]
  • policies
    • Data Loss Prevention [1]
    • firewall [1] [2]
    • web reputation [1]
  • policy [1]
  • Policy Enforcement Pattern [1]
  • Policy Server for Cisco NAC [1]
    • CA certificate [1]
    • certificates [1]
    • client validation process [1]
    • default policies [1]
    • default rules [1] [2]
    • deployment overview [1]
    • policies [1]
    • policies and rules [1]
    • policy composition [1]
    • Policy Server installation [1]
    • rule composition [1]
    • rules [1]
    • SSL certificate [1]
    • synchronization [1] [2]
    • system requirements [1]
  • port blocking [1]
  • posture token [1]
  • predefined expressions [1]
  • predefined keywords
    • distance [1]
    • number of keywords [1]
  • predefined tabs [1]
  • predefined templates [1]
  • predefined widgets [1]
  • pre-installation tasks [1] [2] [3]
  • privileges
    • firewall privileges [1] [2]
    • mail scan privileges [1]
    • proxy configuration privileges [1]
    • roaming privilege [1]
    • scan privileges [1]
    • Scheduled Scan privileges [1]
    • unload privilege [1]
  • probable virus/malware [1] [2]
  • programs [1] [2]
  • proxy settings [1]
    • automatic proxy settings [1]
    • clients [1]
    • for external connection [1]
    • for internal connection [1]
    • for server component update [1]
    • for web reputation [1]
    • privileges [1]
  • ptngrowth.ini [1] [2]
  • quarantine directory [1] [2]
  • quarantine manager [1]
  • Real-time Scan [1]
  • Real-time Scan service [1]
  • reference server [1]
  • Remote Authentication Dial-In User Service (RADIUS) [1]
  • remote installation [1]
  • roaming clients [1]
  • role-based administration [1] [2]
    • user accounts [1]
    • user roles [1]
  • rootkit detection [1]
  • scan actions [1]
    • spyware/grayware [1]
    • virus/malware [1]
  • scan cache [1]
  • scan criteria
    • CPU usage [1]
    • file compression [1]
    • files to scan [1]
    • schedule [1]
    • user activity on files [1]
  • scan exclusions [1] [2]
    • directories [1]
    • file extensions [1]
    • files [1]
  • scan method [1]
  • Scan Now [1]
  • scan privileges [1]
  • scan types [1] [2]
  • scheduled assessments [1]
  • Scheduled Scan [1]
  • SCV Editor [1]
  • SecureClient [1] [2]
    • integrating with OfficeScan [1]
    • Policy Servers [1]
    • SCV Editor [1]
  • Secure Configuration Verification [1]
  • Security Compliance [1]
    • components [1]
    • enforcing [1]
    • enforcing update [1]
    • installation [1]
    • logs [1]
    • outside server management [1] [2]
    • scan [1]
    • scheduled assessments [1]
    • services [1]
    • settings [1]
  • Security Information Center [1]
  • security patches [1]
  • security posture [1]
  • security risks [1] [2] [3] [4] [5] [6] [7] [8] [9]
  • server logs
    • Active Directory logs [1]
    • Apache server logs [1]
    • client grouping logs [1]
    • Client Packager logs [1]
    • component update logs [1]
    • Control Manager MCP Agent logs [1]
    • debug logs [1]
    • Device Control logs [1]
    • local installation/upgrade logs [1]
    • outside server management logs [1]
    • remote installation/upgrade logs [1]
    • role-based administration logs [1]
    • Security Compliance logs [1]
    • ServerProtect Migration Tool debug logs [1]
    • Virtual Desktop Support logs [1]
    • Virus Scan Engine debug logs [1]
    • VSEncrypt debug logs [1]
    • web reputation logs [1]
  • ServerProtect [1]
  • Server Tuner [1]
  • server update
    • component duplication [1]
    • logs [1]
    • manual update [1]
    • proxy settings [1]
    • scheduled update [1]
    • update methods [1]
  • service restart [1]
  • Smart Feedback [1]
  • smart protectection [1]
  • smart protection [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18]
  • Smart Protection Network [1] [2]
  • Smart Protection Server [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]
  • smart scan [1] [2] [3]
    • switching from conventional scan [1]
  • Smart Scan Agent Pattern [1] [2]
  • Smart Scan Pattern [1] [2]
  • SMB protocol [1]
  • spyware/grayware [1] [2] [3] [4] [5] [6] [7] [8]
    • adware [1]
    • dialers [1]
    • guarding against [1]
    • hacking tools [1]
    • joke programs [1]
    • password cracking applications [1]
    • potential threats [1]
    • remote access tools [1]
    • restoring [1]
    • spyware [1]
  • spyware/grayware scan
  • Spyware Active-monitoring Pattern [1]
  • Spyware Pattern [1]
  • Spyware Scan Engine [1]
  • SSL Certificate [1] [2] [3]
  • standalone server [1]
  • standalone Smart Protection Server [1]
    • ptngrowth.ini [1]
  • storage devices
    • advanced permissions [1] [2]
    • permissions [1]
  • summary
  • summary dashboard
    • components and programs [1]
  • Summary dashboard [1] [2] [3] [4] [5]
    • predefined tabs [1]
    • predefined widgets [1]
    • product license status [1]
    • tabs [1]
    • user accounts [1]
    • widgets [1]
  • Support Intelligence System [1] [2]
  • suspicious files [1]
  • synchronization [1]
  • SYN Flood [1]
  • system and application channels [1] [2] [3] [4] [5] [6] [7] [8]
    • CD/DVD [1]
    • peer-to-peer (P2P) [1]
    • printer [1]
    • removable storage [1]
    • synchronization software [1]
    • Windows clipboard [1]
  • system requirements
    • Policy Server [1]
    • Update Agent [1]
  • tabs [1]
  • Teardrop [1]
  • technical support [1]
  • templates [1] [2] [3] [4] [5] [6]
  • Terminal Access Controller Access Control System (TACACS+) [1]
  • test scan [1]
  • test virus [1]
  • third-party security software [1]
  • Tiny Fragment Attack [1]
  • TMPerftool [1]
  • TMTouch.exe [1]
  • token variable [1]
  • Too Big Fragment [1]
  • Top 10 Security Risk Statistics [1]
  • touch tool [1]
  • TrendLabs [1]
  • Trend Micro
    • contact information [1]
    • Knowledge Base [1]
    • Security Information Center [1]
    • TrendLabs [1]
  • Trojan horse program [1] [2] [3]
  • troubleshooting
    • Plug-in Manager [1]
  • troubleshooting resources [1]
  • uninstallation [1]
    • Data Protection [1]
    • from the web console [1]
    • Plug-in Manager [1]
    • using the uninstallation program [1]
  • unreachable clients [1]
  • update
    • Smart Protection Server [1] [2]
  • Update Agent [1] [2] [3]
    • analytical report [1]
    • assigning [1]
    • component duplication [1]
    • standard update source [1]
    • system requirements [1]
    • update methods [1]
  • update methods
    • clients [1]
    • OfficeScan server [1]
    • Update Agent [1]
  • Update Now [1]
  • updates [1] [2]
    • clients [1]
    • enforcing [1]
    • integrated Smart Protection Server [1] [2]
    • OfficeScan server [1]
    • Update Agent [1]
  • update source
    • clients [1]
    • OfficeScan server [1]
    • Update Agents [1]
  • URL Filtering Engine [1]
  • USB devices
    • approved list [1]
      • configuring [1]
  • user accounts [1]
    • Summary dashboard [1]
  • user role
    • administrator [1]
    • guest user [1]
    • Trend Power User [1]
  • VBScript virus [1]
  • VDI [1]
  • VDI Pre-scan Template Generation Tool [1]
  • Virtual Desktop Support [1]
  • virus/malware [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13]
  • virus/malware scan
    • global settings [1]
    • results [1]
  • Virus Cleanup Engine [1]
  • Virus Cleanup Template [1]
  • Virus Encyclopedia [1]
  • Virus Pattern [1] [2] [3]
  • Virus Scan Driver [1]
  • Virus Scan Engine [1]
  • Vulnerability Scanner [1] [2]
    • computer description retrieval [1]
    • DHCP settings [1]
    • effectiveness [1]
    • ping settings [1]
    • product query [1]
    • supported protocols [1]
  • Web Blocking List [1] [2]
  • web console [1] [2] [3] [4] [5] [6]
  • web install page [1] [2] [3]
  • webmail [1]
  • web reputation [1] [2] [3] [4] [5]
  • web server information [1]
  • web threats [1]
  • widgets [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13]
    • available [1]
    • Client Connectivity [1]
    • Client Updates [1]
    • Digital Asset Control - Detections Over Time [1]
    • Digital Asset Control - Top Detections [1]
    • File Reputation Threat Map [1]
    • OfficeScan and Plug-ins Mashup [1]
    • Outbreaks [1]
    • Security Risk Detections [1]
    • Web Reputation Top Threatened Users [1]
    • Web Reputation Top Threat Sources [1]
  • wildcards [1]
    • device control [1]
    • file attributes [1]
  • Windows clipboard [1]
  • Windows Server Core [1]
    • available client features [1]
    • commands [1]
    • supported installation methods [1]
  • worm [1]

Component Duplication Scenario Parent topic

To explain component duplication for the server, refer to the following scenario:

Server Component Duplication Scenario

Full patterns on the OfficeScan server
Current version: 171
Other versions available:
169
167
165
161
159
  
Latest version on the ActiveUpdate server
173.175
171.175
169.175
167.175
165.175
163.175
161.175
159.175
157.175
155.175
153.175
151.175
149.175
147.175
        
  1. The OfficeScan server compares its current full pattern version with the latest version on the ActiveUpdate server. If the difference between the two versions is 14 or less, the server only downloads the incremental pattern that accounts for the difference between the two versions.
    Note
    Note
    If the difference is more than 14, the server automatically downloads the full version of the pattern file and 14 incremental patterns.
    To illustrate based on the example:
    • The difference between versions 171 and 175 is 2. In other words, the server does not have versions 173 and 175.
    • The server downloads incremental pattern 171.175. This incremental pattern accounts for the difference between versions 171 and 175.
  2. The server merges the incremental pattern with its current full pattern to generate the latest full pattern.
    To illustrate based on the example:
    • On the server, OfficeScan merges version 171 with incremental pattern 171.175 to generate version 175.
    • The server has 1 incremental pattern (171.175) and the latest full pattern (version 175).
  3. The server generates incremental patterns based on the other full patterns available on the server. If the server does not generate these incremental patterns, clients that missed downloading earlier incremental patterns automatically download the full pattern file, which will consequently generate more network traffic.
    To illustrate based on the example:
    • Because the server has pattern versions 169, 167, 165, 163, 161, 159, it can generate the following incremental patterns:
      169.175, 167.175, 165.175, 163.175, 161.175, 159.175
    • The server does not need to use version 171 because it already has the incremental pattern 171.175.
    • The server now has 7 incremental patterns:
      171.175, 169.175, 167.175, 165.175, 163.175, 161.175, 159.175
    • The server keeps the last 7 full pattern versions (versions 175, 171, 169, 167, 165, 163, 161). It removes any older version (version 159).
  4. The server compares its current incremental patterns with the incremental patterns available on the ActiveUpdate server. The server downloads the incremental patterns it does not have.
    To illustrate based on the example:
    • The ActiveUpdate server has 14 incremental patterns:
      173.175, 171.175, 169.175, 167.175, 165.175, 163.175, 161.175, 159.175, 157.175, 155.175, 153.175, 151.175, 149.175, 147.175
    • The OfficeScan server has 7 incremental patterns:
      171.175, 169.175, 167.175, 165.175, 163.175, 161.175, 159.175
    • The OfficeScan server downloads an additional 7 incremental patterns:
      173.175, 157.175, 155.175, 153.175, 151.175, 149.175, 147.175
    • The server now has all the incremental patterns available on the ActiveUpdate server.
  5. The latest full pattern and the 14 incremental patterns are made available to clients.