Views:

Automate risk management in your environment.

Rules can automatically execute predetermined actions to respond to risk events based on conditions you specify.
Note
Note
At any stage of the rule creation process, you can:
  • Add additional components by clicking add_condition=20220217104515.jpg.
  • Delete any component by clicking trash_icon=GUID-47cf6867-6315-438e-8670-86ff36f22a28.png.

Procedure

  1. On the Secure Access Rules screen, click the Risk Control tab and then click Create Rule.
    The rule configuration screen appears.
  2. Click add_condition=20220217104515.jpg. Select New rule from the Create from drop-down list, specify a name and description, and then click Next.
    Tip
    Tip
    You can also create a rule from a template or from a Trend Micro recommended rules. Choosing a template may prefill or limit additional components.
  3. Select a condition from the list, and then specify the details of how the condition will be triggered.
    Conditions can check either devices or users.
    Note
    Note
    Some risk events in the rule templates may have been downgraded from “High risk” without notice. These risk events are no longer shown on the available risk event list.
  4. Select the weekly period that the rule is applied and (optional) the start and end dates of the schedule, and then click Next.
    Note
    Note
    The time uses the defined time zone of the console.
  5. Select users or devices targeted by the action, and then click Next.
    You can add additional conditions to check before taking actions by clicking add_condition=20220217104515.jpg to the right of your target.
  6. Click add_condition=20220217104515.jpg to the right of Do THIS, and then select an action type.
    The Edit Action dialog box appears.
  7. Select an action from the list and click Next.
    You can add revocation components by clicking add_condition=20220217104515.jpg to the right of your action.
  8. Select Enable or Disable to toggle the rule, and then click Save.