Mitigation_Devices

Mitigation Devices

Mitigation devices receive threat information gathered by Threat Discovery Appliance. These devices work with an agent program installed on an endpoint to address and resolve threats. A device with the network access control function may prevent the endpoint from accessing the network until the endpoint is free of threats.

You can register Threat Discovery Appliance to a maximum of 20 mitigation devices. For information on the device versions compatible with Threat Discovery Appliance, see Integration with Trend Micro Products and Services.

To register to mitigation devices:

• Mitigation > Mitigation Settings

1. Under Mitigation Settings, type the mitigation device Server name or IP address.

2. Type a Description for the device.

3. Specify IP address ranges.

• To save network bandwidth, specify IP address ranges for each mitigation device. Threat Discovery Appliance only sends mitigation tasks for specific IP addresses to the mitigation device. If the IP address range is empty, all mitigation requests will be sent to the mitigation device.

4. Click Register. The Cleanup Settings screen appears.

5. Select the types of security risks/threats to send to the mitigation device.

6. Click Apply.

To unregister from mitigation devices:

• Mitigation > Mitigation Settings

1. Select the mitigation devices to unregister from.

2. Click Delete. The device is removed from the list. This task also triggers the mitigation device to remove Threat Discovery Appliance from its list of data sources.

See also:

• Mitigation Exclusion List

• About Threat Discovery Appliance

• Integration with Trend Micro Products and Services