Control Manager
Trend Micro Control Manager is a software management solution that gives you the ability to control antivirus and content security programs from a central location, regardless of the program's physical location or platform. This application can simplify the administration of a corporate antivirus and content security policy.
For information on the Control Manager versions compatible with Threat Mitigator, see Integration with Trend Micro Products and Services.
Refer to the Trend Micro Control Manager Administrator’s Guide for more information about managing products using Control Manager.
Control Manager components lists the components that make up Control Manager.
Component |
Description |
Control Manager server |
The computer upon which the Control Manager application is installed. This server hosts the web-based Control Manager product console |
Management Communication Protocol (MCP) Agent |
An application installed along with Threat Mitigator that allows Control Manager to manage the product. The agent receives commands from the Control Manager server, and then applies them to Threat Mitigator. It also collects logs from the product, and sends them to Control Manager. The Control Manager agent does not communicate with the Control Manager server directly. Instead, it interfaces with a component called the Communicator. |
Communicator |
The communications backbone of the Control Manager system; it is part of the Trend Micro Management Infrastructure. Commands from the Control Manager server to Threat Mitigator, and status reports from Threat Mitigator to the Control Manager server all pass through this component. |
Entity |
A representation of a managed product (such as Threat Mitigator) on the Control Manager console’s directory tree. The directory tree includes all managed entities. |
You can use the Control Manager Settings screen on the Threat Mitigator console to perform the following:
Check the connection between Threat Mitigator and Control Manager
Check the latest MCP heartbeat with Control Manager
Register to a Control Manager server
Unregister from a Control Manager server
Verify that Threat Mitigator can register to a Control Manager server
Ensure that both Threat Mitigator and the Control Manager server belong to the same network segment. If Threat Mitigator is not in the same network segment as Control Manager, configure the port forwarding settings for Threat Mitigator.
The following features and capabilities are available when managing Threat Mitigator servers from Control Manager:
Configuration replication: All configurable settings in Threat Mitigator can be replicated, except network configuration and product license settings.
Single sign-on: Any Threat Mitigator account with administrator privileges can be used for single sign-on. The default account with administrator privileges is admin. To configure Threat Mitigator accounts, see Administrative Accounts.
Accounts configured from Control Manager cannot be used for single sign-on.
Log submission: Threat Mitigator sends system logs and system information to Control Manager. System information displays when you select Threat Mitigator from the Control Manager directory tree.
Component updates: All updateable Threat Mitigator components can be deployed from Control Manager.
To register Threat Mitigator to Control Manager:
Administration > Control Manager Settings
Under Connection Settings, type the name that identifies Threat Mitigator in the Control Manager Product Directory.
Specify a unique and meaningful name to help you quickly identify Threat Mitigator.
Under Control Manager Server Settings:
Type the Control Manager server IP address or host name.
Type the port number that the MCP agent uses to communicate with Control Manager.
If the Control Manager security is set to medium (Trend Micro allows HTTPS and HTTP communication between Control Manager and the MCP agent of managed products) or high (Trend Micro only allows HTTPS communication between Control Manager and the MCP agent of managed products), select Connect using HTTPS.
If your network requires authentication, type the user name and password for your IIS server in the Username and Password fields.
If you want Threat Mitigator to connect to Control Manager through a proxy server:
Select Use a proxy server to communicate with the Control Manager server.
Select the proxy protocol.
Type the server name or IP address and the port number.
If your proxy server needs authentication, type the user name and password in the fields provided.
If you use a NAT device, select Enable two-way communication port forwarding and type the NAT device’s IP address and port number in Port forwarding IP address and Port forwarding port number. Threat Mitigator uses the Port forwarding IP address and Port forwarding port number for two-way communication with Control Manager.
Configuring the NAT device is optional and depends on the network environment.
To check whether Threat Mitigator can connect to the Control Manager server based on the settings you specified, click Test Connection.
Click Register if connection was successfully established.
To check the Threat Mitigator status on the Control Manager console:
Open the Control Manager management console.
To open the Control Manager console, on any computer on the network, open a web browser and type the following:
https://<Control Manager server name>/Webapp/login.html
Where <Control Manager server name> is the IP address or host name of the Control Manager server
In Main Menu, click Products.
Locate Threat Mitigator in the Product Directory. You can use Directory Management to move Threat Mitigator to the correct location in the Product Directory.
To manage the connection with Control Manager after registration:
Administration > Control Manager Settings
Under Connection Status, do the following:
Check if the product can connect to Control Manager. If the product is not connected, restore the connection immediately.
Check the last heartbeat, which indicates the last communication between the MCP agent (and Threat Mitigator) and the Control Manager server.
If you change any of the settings after registration, click Update Settings to notify the Control Manager server of the changes.
If you want another Control Manager server to manage Threat Mitigator, click Unregister and then register Threat Mitigator to the other server.
See also: