Views:
Trend Micro ScanMail for Microsoft Exchange ("ScanMail") protects your Exchange mailbox servers. Once installed, ScanMail can protect your servers from viruses/malware, Trojans, worms, spyware/grayware and malicious URLs. It also sustains business and network integrity by filtering spam messages and messages containing undesirable or unwanted content.
The following features are available on the Cloud App Security management console if ScanMail is registered on Cloud App Security:
  • View and query policy violation logs from one or several ScanMail servers deployed within your organization. (ScanMail 14.0 Patch 2 or later)
  • Manage quarantined email messages on one or several ScanMail servers deployed within your organization. (ScanMail 14.0 Patch 3 or later)
Related information

Before Registration

Before you begin the registration, make sure that
  • You have installed ScanMail for Microsoft Exchange 14.0 Patch 2 or later.
  • You have a Customer Licensing Portal (CLP) or Licensing Management Platform (LMP) account to access the Cloud App Security management console.
If you do not have CLP or LMP account, perform the following steps to get an account for a 30-day free trial.

Procedure

  1. Open the logon page of the Cloud App Security management console based on the country where you want to use the service.
    Cloud App Security Management Console Logon URL
    Serving Site
    admin-eu.tmcas.trendmicro.com
    EU
    admin.tmcas.trendmicro.co.uk
    UK
    admin.tmcas.trendmicro.co.jp
    Japan
    admin-au.tmcas.trendmicro.com
    Australia and New Zealand
    admin-ca.tmcas.trendmicro.com
    Canada
    admin.tmcas.trendmicro.com.sg
    Singapore
    admin.tmcas.trendmicro.com
    US
    admin-in.tmcas.trendmicro.com
    India
    admin-in.tmcas.trendmicro.com
    India
    admin-mea.tmcas.trendmicro.com
    Middle East (UAE)
  2. Do either of the following:
    • Click Start Your Free Trial and provide the information as required.
      You will receive a confirmation email where you can find your trial account information and your serving site.
    • Click Contact Reseller to find a reseller and request for a free trial.

Registering a ScanMail Server to Cloud App Security

Procedure

  1. Generate a registration token on the Cloud App Security management console.
    1. Log on to the Cloud App Security management console using the CLP or LMP account.
    2. Go to AdministrationService Account.
    3. Click Add and then select Exchange Server from the drop-down list.
      A registration token is generated and shown in the table on the screen.
  2. Configure Cloud App Security integration settings on the ScanMail management console, and register to Cloud App Security.
    1. Log on to the management console of the ScanMail server that you want to register with Cloud App Security.
    2. Go to Cloud App SecurityCloud App Security Settings.
    3. In the Cloud App Security Settings section, configure the following:
      • Service URL: Cloud App Security service IP address. Specify the service URL based on your serving site:
        Serving Site
        Service URL
        EU
        api-eu.tmcas.trendmicro.com
        UK
        api.tmcas.trendmicro.co.uk
        Japan
        api.tmcas.trendmicro.co.jp
        Australia and New Zealand
        api-au.tmcas.trendmicro.com
        Canada
        api-ca.tmcas.trendmicro.com
        Singapore
        api.tmcas.trendmicro.com.sg
        US
        api.tmcas.trendmicro.com
        India
        api-in.tmcas.trendmicro.com
        Middle East (UAE)
        api-mea.tmcas.trendmicro.com
      • Registration token: Registration token that you have generated on the Cloud App Security management console in Step 1.
    4. If you need to use a proxy server, select Use a proxy server to connect to Cloud App Security and then configure the following information:
      • Host name or IP address: Proxy server host name or IP address
      • Port: Proxy server port number
      • User name and Password for proxy server authentication
    5. Click Register.
    6. Select Enable Cloud App Security Integration after registration completes.
    7. Click Save.
  3. Optionally replicate the Cloud App Security integration settings to other ScanMail servers that you want to register to Cloud App Security.
    For more information about how to replicate Cloud App Security integration settings to other ScanMail servers, see https://<ScanMail server IP address>:16373/smex/online_help/webhelp/Using-Server-Managem.html.
    Note
    Note
    <ScanMail server IP address> is the IP address of the ScanMail server that you want to apply this feature. Replace <ScanMail server IP address> with the actual server IP address.
  4. Go to the Cloud App Security management console and then navigate to AdministrationService Account.
    The number of ScanMail servers that are successfully registered to Cloud App Security displays under Status.

Viewing Policy Violation Logs on Cloud App Security

Procedure

  1. In Cloud App Security, go to Logs.
  2. Select Exchange Server under Scan Source from the left area.
  3. Specify search criteria in either of the following ways:
    • Select facets from the left area.
    • Specify facets in the Search bar, select a date range, and then click Search.
      This allows you to select one or several facets and specify keywords to query items on a more fine-grained level. For more information about how to query logs, see Searching Logs.
  4. Optionally save and view log data after performing a search.

Managing Quarantine Email Messages on Cloud App Security

Procedure

  1. In Cloud App Security, go to Quarantine.
  2. Select Exchange Server under Service from the left area.
  3. View the email messages quarantined on a ScanMail server or search for the quarantined email messages as necessary.
    For more information about how to search quarantined items, see Searching Quarantine.
    Facet
    Description
    Security Filter
    Security filter that detected a threat in an email message
    Status
    Current status of a quarantined email message violating a policy configured on the corresponding ScanMail server
  4. Select one or several email messages, and then click Restore or Delete to restore or delete them.
    For more information about how to manage the quarantined email messages, see Managing Quarantine.
    Note
    Note
    Download does not apply in this case.
    You can restore or delete an email message on either the Cloud App Security management console or the corresponding ScanMail management console.
    • If an email message is successfully restored or deleted on the ScanMail management console, it will be removed from the quarantine list on the Cloud App Security management console.
    • If an email message is restored or deleted on the Cloud App Security management console, it will be removed from the quarantine list on the Cloud App Security management console. Go to LogsType: Quarantine to view the status of the message.

Unregistering a ScanMail Server from Cloud App Security

Procedure

  1. Log on to the management console of the ScanMail server that you want to unregister from Cloud App Security.
  2. Go to Cloud App SecurityCloud App Security Settings.
  3. Click Unregister and then click OK on the confirmation dialog box.

Extending the Token Expiration Time

When the registration token is about to expire, you can extend the token expiration time to continue managing ScanMail on Cloud App Security without reregistering ScanMail.

Procedure

  1. In Cloud App Security, go to AdministrationService Account.
  2. Select the registration token for Exchange Server and click Extend Expiration Time.

Deleting the Registration Token

Procedure

  1. In Cloud App Security, go to AdministrationService Account.
  2. Select the registration token and click Remove.
    Note
    Note
    You can delete the registration token only when no ScanMail server is registered to Cloud App Security.