Views:
Using the Apex Central console, administrators can configure scan actions that certain managed products take after detecting specific suspicious objects in the Virtual Analyzer Suspicious Objects list or the User-Defined Suspicious Objects list.

Scan Action Product Support

Product
Virtual Analyzer List
User-Defined List
Apex One (any version)
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • IP address: Log, Block
  • URL: Log, Block
  • Domain: Log, Block
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • File SHA-1: Log, Block
  • IP address: Log, Block
  • URL: Log, Block
  • Domain: Log, Block
OfficeScan XG SP1 (or later)
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • IP address: Log, Block
  • URL: Log, Block
  • Domain: Log, Block
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • IP address: Log, Block
  • URL: Log, Block
  • Domain: Log, Block
Deep Security Manager 10.0 (or later)
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • URL: Log, Block
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • URL: Log, Block
  • Deep Discovery Inspector 5.0 (or later)
  • Deep Discovery Email Inspector 3.0 (or later)
Synchronizes the following suspicious object types:
  • File: No scan actions performed
  • IP address: No scan actions performed
  • URL: No scan actions performed
  • Domain: No scan actions performed
Synchronizes the following suspicious object types:
  • File: No scan actions performed
  • IP address: No scan actions performed
  • URL: No scan actions performed
  • Domain: No scan actions performed
InterScan Messaging Security Virtual Appliance 9.1 (or later)
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • File SHA-1: Log, Block, Quarantine
InterScan Web Security Virtual Appliance 6.5 SP2 Patch 4 (or later)
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • File SHA-1: Log, Block, Quarantine
  • IP address: Log, Block
  • URL: Log, Block
  • Domain: Log, Block
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • File SHA-1: Log, Block, Quarantine
  • IP address: Log, Block
  • URL: Log, Block
  • Domain: Log, Block
Trend Micro Endpoint Application Control 2.0 SP1 Patch 1 (or later)
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • File SHA-1: Log, Block, Quarantine
Cloud App Security 5.0 (or later)
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • URL: Log, Block
Performs actions against the following suspicious object types:
  • File: Log, Block, Quarantine
  • URL: Log, Block
  • Smart Protection Server 3.3 Patch 2 (or later)
  • OfficeScan 11.0 SP1 (or later) integrated Smart Protection Server
  • Trend Micro products that send Web Reputation queries to a supported Smart Protection Server
Managed products perform actions against the following suspicious object types during Web Reputation queries:
  • URL: Log, Block
Managed products perform actions against the following suspicious object types during Web Reputation queries:
  • URL: Log, Block
Important
Important
Smart Protection Server classifies all URLs in the User-Defined Suspicious Objects list as High risk.
Note
Note
Only certain managed products can directly perform the actions configured in Apex Central on suspicious URL objects. Other managed products take action on suspicious URL objects based on the product's configured Web Reputation settings.
Logs that display on the managed products may not contain information related to suspicious object detections. Apex Central interprets logs sent from the managed product and displays the suspicious object detection on the Apex Central console.