Purpose: Manage Suspicious Endpoints, a security service that provides compliance and network access control for risky endpoints.
Location: Gateways > (gateway name) > NETWORK ACCESS CONTROL > Suspicious Endpoints > General
Procedure
- Do the following:
  - Enable Suspicious Endpoints.
  - Select the action to take for out-of-compliance endpoints. Default is Monitor.
  - Set the threshold for the number of C&C callback events that can occur within the specified time period before the action is triggered. The default is 50 events over 1 hour.
  - Use the violation list to view information about endpoints that are in violation of the endpoint policy.
  - If you do not want endpoints to be blocked, remove the selected endpoints from the violation list.