Policy Mapping Between Management Consoles | Trend Micro Service Central

Views:

Administrators may manage Endpoint Encryption using only PolicyServer MMC or manage Endpoint Encryption using Control Manager for policy, user and device management and PolicyServer MMC for advanced log management and reporting.

The following tables explain how policies are mapped between PolicyServer MMC and Control Manager. For environments using Control Manager to manage PolicyServer, use PolicyServer MMC to control any policy not listed in the table.

Table 1. Full Disk Encryption Policy Mapping
Control Manager Label	PolicyServer MMC Path
Encryption
Encrypt endpoint	Full Disk Encryption > Encryption > Encrypt Device
Client Settings
Bypass Full Disk Encryption preboot	Full Disk Encryption > Login > Preboot Bypass
Users are allowed to access system recovery tools on the device	Full Disk Encryption > Agent > Allow User Recovery
Notifications
If the endpoint is found, display the following message	Full Disk Encryption > Login > If Found
Display Technical Support contact information	Full Disk Encryption > Login > Support Info
Show legal notice	Full Disk Encryption > Login > Legal Notice
Show legal notice > Installation Show legal notice > Startup	Full Disk Encryption > Login > Legal Notice > Legal Notice > Legal Notice Display Time
Show legal notice	Full Disk Encryption > Login > Legal Notice > Legal Notice > Legal Notice Text

Table 2. File Encryption Policy Mapping
Control Manager Label	PolicyServer MMC Path
Folders to Encrypt
Folders to Encrypt text box	File Encryption > Encryption > Specify Folders to Encrypt
Encryption Key Used
Encryption Key Used	File Encryption > Encryption > Encryption Key Used
Storage Devices
Disable optical drives	File Encryption > Encryption > Disable Optical Drive
Disable USB drives	File Encryption > Encryption > Removable Media > Disable USB Drive
Encrypt all files and folders on USB drives	File Encryption > Encryption > Removable Media > Fully Encrypt Device
Specify the file path to encrypt on USB devices	File Encryption > Encryption > Removable Media > Folders to Encrypt On Removable Media
Notifications
Show legal notice	File Encryption > Login > Legal Notice
Show legal notice > Installation Show legal notice > Startup	File Encryption > Login > Legal Notice > Legal Notice Display Time
Show legal notice text box	File Encryption > Login > Legal Notice > Legal Notice Text

Table 3. Common Policy Mapping
Control Manager Label	PolicyServer MMC Path
Allow User to Uninstall
Allow non-administrator accounts to uninstall agent software	Full Disk Encryption > Agent > Allow User to Uninstall File Encryption > Agent > Allow User to Uninstall
Lockout and Lock Device Actions
Lock account after `<number>` days	Full Disk Encryption > Login > Account Lockout Period
Account lockout action	Full Disk Encryption > Login > Account Lockout Action
Failed logon attempts allowed	Full Disk Encryption > Login > Failed Login Attempts Allowed
Full Disk Encryption: Device locked action	Full Disk Encryption > Login > Device Locked Action
Full Disk Encryption: Number of minutes to lock device	Full Disk Encryption > Login > Lock Device Time Delay
File Encryption: Device locked action	File Encryption > Login > Device Locked Action
File Encryption: Number of minutes to lock device	File Encryption > Login > Lock Device Time Delay
Password
User must change password after `<number>` days	Common > Authentication > Local Login > User Password > Change Password Every
User cannot reuse the previous `<number>` passwords	Common > Authentication > Local Login > User Password > Password History Retention
Number of consecutive characters allowed in a password	Common > Authentication > Local Login > User Password > Consecutive Characters Allowed
Minimum length allowed for passwords	Common > Authentication > Local Login > User Password > Minimum Length
Password Character Requirements
Letters	Common > Authentication > Local Login > User Password > Require How Many Characters
Lowercase characters	Common > Authentication > Local Login > User Password > Require How Many Lower Case Characters
Uppercase characters	Common > Authentication > Local Login > User Password > Require How Many Upper Case Characters
Numbers	Common > Authentication > Local Login > User Password > Require How Many Numbers
Symbols	Common > Authentication > Local Login > User Password > Require How Many Special Characters

Table 4. Remote Help Policy Locations
Policy Name	PolicyServer MMC Menu Path	Control Manager Menu Path
Account Lockout Action	Login > Account Lockout Action	Common > Lockout and Lock Device Actions > Account Lockout Action
Account Lockout Period	Login > Account Lockout Period	Common > Lockout and Lock Device Actions > Lock account after [ ] days
Device Locked Action	For each agent: Login > Device Locked Action	For each agent: Common > Lockout and Lock Device Actions > Device locked action
Failed Login Attempts Allowed	For each agent: Login > Failed Login Attempts Allowed	For each agent: Common > Lockout and Lock Device Actions > Failed logon attempts allowed