Registering to Apex Central or Control Manager

Procedure

1. Click Administration → Apex Central Settings.
   The Apex Central Settings screen displays.
2. Select Enable communication between the ScanMail MCP agent and Apex Central.
3. Under Connection Settings, type the name of the ScanMail server in the Entity display name field.
4. Under Apex Central Server Settings specify the following:
   1. Type the Apex Central server IP address or host name in the Server FQDN or IP address field.
   2. If you have Apex Central security set to medium (HTTPS and HTTP communication is allowed between Apex Central and the MCP agent of managed products), select Connect through HTTPS.
   3. If the network requires authentication, type the user name and password for the IIS server in the Username and Password fields.
5. Under MCP Proxy Settings, configure the following:
   1. If you want to use a proxy server for communication with the Apex Central, select Use a proxy server for communication with the Apex Central server.
   2. Type the port number that the MCP agent uses to communicate with Apex Central.
   3. Select the proxy protocol.
   4. Type the proxy server IP address or host name in the Server FQDN or IP address field.
   5. If you have Apex Central security set to medium (HTTPS and HTTP communication is allowed between Apex Central and the MCP agent of managed products), select Connect through HTTPS.
   6. If the proxy server requires authentication, type the user ID and password for the proxy server in the User ID and Password fields.
6. Under Two Way Communication Port Forwarding, if using a NAT device, select Enable two-way communication port forwarding and type the NAT device's IP address and port number in IP address and port number.
7. Under Spam Logs, select Send spam logs to Apex Central, if you want to send spam logs to Apex Central.

   Note All other filter logs will be uploaded by default once Apex Central is registered.

8. Under Unscannable Message Parts Logs, select the specific types of unscannable message parts logs you want to send to Apex Central.

   Note The settings for unscannable message parts can be found in Security Risk Scan → Action → Unscannable Message Parts.

9. Under Suspicious Objects, configure the following:
   1. Select Enable Suspicious Objects List, if you want ScanMail to leverage the suspicious objects list from the Apex Central. ScanMail synchronizes the consolidated suspicious objects list (including the Virtual Analyzer and User-defined objects) to apply to Security Risk Scan.
   2. Select Enable Suspicious Objects Detection Notification, to receive notifications about suspicious objects detections. The details of Security Risk Scan detection follow its notification settings.
   ScanMail leverages the Smart Protection Network to detect suspicious objects in URLs. The scanning and decision processes for the suspicious objects in files follows the following priority:

   User defined Suspicious Object > Pattern based local scan > Virtual Analyzer reported Suspicious Object.

   The action mapping in ScanMail for the Apex Central settings is defined in the following table.

   Action mapping table for suspicious objects

   Type	Apex Central Action Setting	ScanMail Action
   File suspicious objects	Log	Pass
   	Block	Replace with text/file
   	Quarantine	Quarantine entire message (Real-time scan) Quarantine message part (Manual/Schedule scan)

   Note Refer to Connected Threat Defense Primer document from the Trend Micro Apex Central documentation set for more information on Suspicious Objects and Suspicious Objects Lists.