Configuring Suspicious Object List Settings | Trend Micro Service Central

Views:

During Apex One registration to an on-premises Apex Central, Apex Central deploys an API key to Apex One to start the subscription process. To enable this automatic subscription process, check with the Apex Central administrator to ensure that Apex Central is connected to a Virtual Analyzer or that the Suspicious Object Lists have been manually populated.

For details on registering to the Apex Central server, see Registering Apex One to Apex Central.

Go to Administration > Settings > Suspicious Object List.
Select which list to enable on agents.
- Suspicious URL List
- Suspicious IP List (only available when subscribing to the registered Apex Central or Control Manager server)
- Suspicious File List (only available when subscribing to the registered Apex Central or Control Manager server)
- Suspicious Domain List (only available when subscribing to the registered Apex Central or Control Manager server)
Administrators can manually synchronize the Suspicious Object lists at any time by clicking the Sync Now button.
Under Update the Suspicious Object lists on Security Agents, specify when agents update the Suspicious Object lists.
- Based on the Security Agent component update schedule: Security Agents update the Suspicious Object lists based on the current update schedule.
- Automatically after updating the Suspicious Object lists on the server: Security Agents automatically update the Suspicious Object lists after the Apex One server receives updated lists.
Note:
Security Agents not configured to receive updates from Update Agents perform incremental updates of the subscribed Suspicious Object lists during synchronization.
Click Save.