Settings | TrendAI™

Views:

Configure additional settings in the Policy and Computer editor to manage agent behavior.

You can access Settings by opening the Policy or Computer editor and navigating to Settings in the feature list. Settings is divided into five categories:

General
Container Protection
Advanced
Scanner
Event Forwarding

Note

Some settings might not appear depending on your environment, agent configuration, supported features or what permissions your account has.

The following settings are available:

Category

Section

Setting

Description

General

Communication Direction

Direction of Workload Security Manager to Agent/Appliance communication

Specify how to initiate communication between agents and the protection manager

Heartbeat

Maximum change (in minutes) of the local system time on the computer between heartbeats before an alert is rasied

Configure the maximum time between heartbeats before an alert is generated for the agent

A heartbeat is how often an agent checks in with TrendAI Vision One™. Typical heartbeat period is five (5) minutes.

Send Policy Changes Immediately

Automatically send Policy changes to computers

Configure whether to send policy changes immediately or to wait for the next time the agent connects with TrendAI Vision One™

Engine Update

Automatically update anti-malware engine

Configure whether to automatically apply updates

Kernel Package Update

Automatically update kernel package when agent restarts

Configure whether to automatically apply updates

Only applies to Linux agents.

Choose whether to use Drivers for System Protection

Select AV driver mode for protection modules and event generation

Configure whether to use kernel mode or user mode to run protection for Anti-Malware and Activity Monitoring

Select Network driver mode for protection modules and event generation

Configure whether to use kernel mode or user mode to run protection for Firewall, Intrusion Prevention, and Web Reputation

Troubleshooting

Logging Level

Configure the logging level for generating logs for troubleshooting

Agent Self Protection

Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent

Configure if end-users can remove the agent

Disable this setting if you plan to remove or reinstall the agent.

Local override requires password

Configure if a password is needed to override agent self protection

Password

Specify a password for override

Confirm password

Confirm the override password

Recommendations

Note

Recommendations is an Endpoint Security Pro feature. Enabling this setting might require additional credits for assigned endpoints. For more information, see How are credits calculated for TrendAI Vision One™ Endpoint Security?

Perform ongoing Recommendation Scans

Enable or disable recommendation scans

Ongoing Scan Interval

Set how often to run recommendation scans

Network Setting for Census, Good File Reputation, and Predictive Machine Learning Service

Enable Census query

Configure whether to allow Census query

Enable Good File Reputation query

Configure whether to allow Good File Reputation query

Inherited

Select to use inherited settings for connecting to the TrendAI™ Global Server

Note

TrendAI™ recommends using Runtime Proxy Settings to configure proxy use in Endpoint Inventory. For more information, see Runtime Proxy Settings.

Connect directly to Global Server

Select to allow the agent to connect directly to the TrendAI™ Global Server

When accessing Global Server, use proxy

Select to use a proxy and specify the proxy to use

Notifications

Suppress all pop-up detection notifications on host

Configure whether to stop the agent from displaying notifications on the endpoint

Environmental Variable Overrides

Click View Environmental Variables... to add or remove variable overrides

Inactive Agent Cleanup Override

This setting is now managed by Endpoint Inventory. For more information, see Endpoint Settings.

CPU Usage Control

Control the agent CPU usage (applicable to real-time Anti-Malware and Activity Monitoring

Limit how much the agent can use CPU resources

Container Protection

Note

Container Protection is an Endpoint Security Pro feature. Enabling these settings might require additional credits for assigned endpoints. For more information, see How are credits calculated for TrendAI Vision One™ Endpoint Security?

Real-time Scan

Scan and monitor container file activities in real time

Enable real-time scanning of container files

Firewall

Scan container network traffic

Enable Firewall to scan container network traffic

Intrusion Prevention

Scan container network traffic

Enable Intrusion Prevention to scan container network traffic

Advanced

Events

Maximum size of the event log files (on Agent/Appliance)

Limit the size of log files

Number of event log files to retain (on Agent/Appliance)

Limit the number of log files kept on the endpoint

Do not record events with source IP of

Select an IP list to exclude from logging events

Cache Size

Set the cache size

Cache Lifetime

Set how long to maintain the cache before purging

Cache Stale time

Set how long before a cache is considered stale

Agent configuration Size Warning

Generate an Alert when Agent configuration package exceeds maximum size

Configure whether to generate an alert if the agent configuration package is too large

Network Engine Settings

Configure advanced settings for the Network Engine. For more information, see Network engine settings

Scanner

SAP

Note

SAP is a SAP Scanner for Endpoint Security - Pro feature. Enabling SAP settings might require additional credits for assigned endpoints. For more information, see How are credits calculated for TrendAI Vision One™ Endpoint Security?

SAP Scanner configuration

Enable or disable the SAP Scanner feature

Event Forwarding

Event Forwarding Frequency (from the Agent/Appliance)

Period between sending of events

Configure how often agents send events to TrendAI Vision One™

Event Forwarding Configuration (from the Agent/Appliance)

Anti-Malware Syslog Configuration