Views:

View, manage, and configure security module settings for your Endpoint Security Policies.

Important
Important
  • Policies, Threat Prevention, Access Control, Data Security Sensor, Sandbox Submission, Exclusions, and Brower Extention are "Pre-release" features and are not considered an official release. Please review the Pre-Release Disclaimer before using the feature.
  • These features are not available in all regions.
  • Configure your policy resources before creating a policy.
  • Navigating between the security modules or leaving the Policy Settings screen discards any unsaved changes. To avoid losing your work, always click Save before leaving the current screen.
Security modules consist of a collection of features and settings organized around endpoint agent capabilities. After you create a policy, you can view and edit the security module settings from the Policy Settings window. Security modules control a range of settings including monitoring levels, exclusions, rules, and user permissions. Some modules use policy resources to manage their settings. For more information, see Policy Resources.
Endpoint Security Policies supports configuring the following security modules:

Endpoint security policy modules

Category
Module name
Description
Threat Prevention
Actively protects endpoints by detecting and eliminating threats in real time
Use this module to set your Anti-Malware monitoring level, scheduled scans, and scan exclusions.
Protects against web threats by blocking access to malicious URLs
Use this module to set your Web Reputation scan settings, access rules, and port monitoring.
Protects your endpoints from known and zero-day vulnerability attacks
Use this module to configure rule statuses and recommendation settings.
Hardening Rules
Provides protection by regulating programs that trigger certain events in commonly targeted system areas
Support for configuring Hardening Rules is coming soon.
Access Control
Monitors endpoints for software changes and allows or blocks software actions based on configured settings and rules
Use this module to enable or disable Application Control rules. You can also enforce lockdown mode with Application Control.
Regulates access to external storage devices when connected to your endpoints
Use this module to configure device permissions and to specify allowed devices
Provides bidirectional stateful inspection of incoming and outgoing network traffic
Use this module to configure the firewall security level, enabled rules, and specify allowed programs.
Advanced Capabilities
Log Inspection
Helps identify important events within your operating system and application logs
Support for configuring Log Inspection is coming soon.
Integrity Monitoring
Scans for unexpected changes to registry values, keys, services, processes, installed software, ports, and files on endpoints
Support for configuring Integrity Monitoring is coming soon.
Cyber Risk & Security Operations
Analyzes endpoints for potential security posture weaknesses and performs vulnerability assessments
Use this module to enable or disable Advanced Risk Telemetry
Sends activity data for state-of-the-art threat detection and alerting
Previously called Endpoint sensor detection and response, use this module to configure the Endpoint Sensor monitoring level and deepfake detector.
Sends activity data to trace the movement of sensitive data within the Data Security module
Identity Security Sensor
Monitors your identity management solutions to ensure robust and effective identity security
Support for configuring Identity Security Sensor is coming soon.
Allows agents to automatically submit suspicious objects for analysis in a secure, virtual cloud sandbox environment
When enabled, you can view analysis results in Sandbox Analysis.
Management Settings
Manage exceptions across endpoint protection features
Use this module to manage rule exceptions and configure the trusted programs list.
Deploy the Trend Micro™ Toolbar for Enterprise browser extension to provide additional visibility and enhanced monitoring capabilities for endpoint protection features
Browser extension helps enhance monitoring and detection for Web Reputation, Suspicious Objects, and Data Security.
Provides a user interface on the endpoint for users to interact with the Trend Vision One Endpoint Security agent
Use this module to configure endpoint user permissions to interact with the agent, perform manual scans, receive notifications, and terminate the agent program.