Control Manager 6.0
> Administering the Database
Online Help Center Home
Home
What’s New in This Version
Control Manager Documentation
Document Conventions
Introducing Trend Micro Control Manager
Control Manager Standard and Advanced
Introducing Control Manager Features
Understanding Trend Micro Management Communication Protocol
Reduced Network Loading and Package Size
NAT and Firewall Traversal Support
HTTPS Support
One-Way Communication
Two-Way Communication
Single Sign-on (SSO) Support
Control Manager Architecture
Trend Micro Smart Protection Network
Email Reputation
File Reputation Services
Web Reputation Services
Smart Feedback
Getting Started with Control Manager
Using the Management Console
Main Menu
Drop-Down Menu
Working Area
Help Menu
Understanding the Function-Locking Mechanism
Accessing the Management Console
Accessing the Web Console Locally from the Control Manager Server
Accessing the Console Remotely
Changing Access to the Management Console
Assigning HTTPS Access to the Control Manager Web Console
Configuring Web Console Settings
Configuring Command Time-out Settings
Logging Off from the Management Console
Configuring User Access
Understanding User Access
Root Account Information
Understanding User Roles
About Adding User Roles
Adding a User Role
About Editing User Roles
Editing a User Role
Understanding User Accounts
Setting Access Rights
About Adding/Importing User Accounts
Adding/Importing a User Account
About Editing User Accounts
Editing a User Account
Disabling a User Account
Deleting a User Account
Understanding My Account
Understanding User Groups
Adding a User Group
Editing a User Group
Deleting a User Group
Product Directory Basics
Understanding the Product Directory
Grouping Managed Products Using Directory Management
Product Directory Structure Recommendations
Default Folders for the Product Directory
Accessing the Product Directory
Understanding Cascading Management
Downloading and Deploying Components
Downloading and Deploying New Components
Manually Downloading Components
Understanding Scheduled Download Exceptions
Configuring Scheduled Download Exceptions
Configuring Scheduled Downloads
Configuring Scheduled Download Schedule and Frequency
Configuring Scheduled Download Settings
Configuring Scheduled Download Automatic Deployment Settings
Understanding Deployment Plans
Creating Deployment Plans
Modifying a Deployment Plan
Duplicating a Deployment Plan
Removing a Deployment Plan
Configuring Proxy Settings
Configuring Update/Deployment Settings
Enabling HTTPS Download
Enabling UNC Download
Setting "Log on as batch job" Policy
Working with the Dashboard and Widgets
Using the Dashboard
User Accounts and the Dashboard
Understanding Tabs
Default Tabs
Summary Tab
DLP Incident Investigation Tab
Data Loss Prevention Tab
Compliance Tab
Threat Detection Tab
Smart Protection Network Tab
Adding Tabs
Configuring Tab Settings
Understanding Widgets
Widget Settings
Configuring Active Directory and Endpoint Protection Verification Widget Settings
Endpoint Encryption Connection Settings
Using Widgets
Detailed Widget Information
Widget List
Configuring Widgets
Editing Widgets
Adding Widgets
Configuring Smart Protection Network Settings
Configuring Deep Security Management Server Connection Settings
Using Command Tracking
Understanding Command Tracking
Understanding Command Details
Managed Products or Services Involved
Details for Individual Products or Services
Querying and Viewing Commands
Using Notifications
Understanding Event Center
Alert Events
Update Alert Events
Unusual Alert Events
Security Violation Events
Data Loss Prevention Events
Customizing Notification Messages
Enabling or Disabling Notifications
Understanding Notification Methods
Configuring Notification Method Settings
Configuring Notification Recipients and Testing Notification Delivery
Configuring Alert Settings
Configuring Virus Outbreak Alert Settings
Configuring Special Virus Alert Settings
Configuring Special Spyware/Grayware Alert Settings
Configuring Network Virus Alert Settings
Configuring Potential Vulnerability Attack Detected Settings
Configuring C&C Callback Alert Settings
Configuring C&C Callback Outbreak Alert Settings
Configuring Data Loss Prevention Settings
Configuring Significant Incident Increase Settings
Configuring Scheduled Incident Summary Settings
Configuring Incident Details Updated Settings
Working with Logs
Using Logs
Understanding Control Manager Generated Logs
Understanding Managed Product Logs
Understanding Log Aggregation
Configuring Log Aggregation Settings
Querying Log Data
Understanding Data Views
Product Information
Security Threat Information
Data Protection Information
Data View Terminology
Understanding Ad Hoc Queries
Performing an Ad Hoc Query
Working with Saved and Shared Ad Hoc Queries
Editing Saved Ad Hoc Queries
Sharing Saved Ad Hoc Queries
Working With Shared Ad Hoc Queries
Deleting Logs
Configuring Automatic Log Deletion Settings
Working with Reports
Understanding Reports
Understanding Control Manager Report Templates
Understanding Control Manager 5 Templates
Understanding Control Manager 3 Templates
Adding Control Manager 5 Report Templates
Understanding One-time Reports
Adding One-time Reports
Understanding Scheduled Reports
Adding Scheduled Reports
Enabling/Disabling Scheduled Reports
Viewing Generated Reports
Viewing One-Time Reports
Viewing Scheduled Reports
Configuring Report Maintenance
Understanding My Reports
MCP and Control Manager Agents
Understanding Agents
Understanding Communicators
Understanding Connection Status Icons
Understanding Control Manager Security Levels
Using the Agent Communication Schedule
Understanding the Agent/Communicator Heartbeat
MCP Heartbeat
Using the Schedule Bar
Determining the Right Heartbeat Setting
Configuring Agent Communication Schedules
Setting an Agent Communication Schedule for a Managed Product
Modifying the Default Agent Communication Schedule
Configuring the Agent Communicator Heartbeat
Stopping and Restarting Control Manager Services
Modifying the Control Manager External Communication Port
Changing the External Communication Port on the Control Manager Server
Modifying the Security Level for TMI Agents
Modifying the Communicator Heartbeat Protocol
Verifying the Communication Method Between MCP and Control Manager
Verifying Control Manager Uses Two-way Communication
Verifying Control Manager Uses Two-way Communication from the Web Console
Understanding Control Manager Agent Remote Installation
Managing Managed Products
Manually Deploying Components Using the Product Directory
Viewing Status Summaries for Managed Products
Accessing Through the Dashboard
Accessing Through the Product Directory
Configuring Managed Products
Issuing Tasks to Managed Products
Querying and Viewing Managed Product Logs
About Recovering Managed Products Removed From the Product Directory
Recovering Managed Products Removed From the Product Directory
Changing Control Manager 2.x Agent Connection Re-Verification Frequency
Searching for Managed Products, Product Directory Folders, or Computers
Searching for a Folder or Managed Product
Performing an Advanced Search
Refreshing the Product Directory
Understanding the Directory Management Screen
Using the Directory Management Screen Options
Using the Directory Management Screen
Accessing the Directory Management Screen
Creating Folders
Renaming Folders or Managed Products
Moving Folders or Managed Products
Deleting User-Defined Folders
Activating Control Manager and Managed Products
Activating and Registering Managed Products
Understanding License Management
Activating Managed Products
Renewing Managed Product Licenses
Renewing Managed Product Licenses from the License Management Screen
Renewing Managed Product Licenses from the Product Directory
About Activating Control Manager
Understanding License Information
Activating Control Manager
Renewing Maintenance for Control Manager or Managed Service
Renewing Maintenance Using Check Status Online
Renewing Maintenance by Manually Entering an Updated Activation Code
Managing Child Servers
Understanding Parent-Child Communication
Registering or Unregistering Child Servers
Registering a Child Server
Checking the Status in the Control Manager Web Console
Unregistering a Child Server
Accessing the Cascading Folder
Viewing Child Server Status Summaries
Configuring Log Upload Settings
Enabling or Disabling Child Server Connection
Issuing Tasks to Child Servers
Viewing Child Server Reports
Refreshing the Product Directory
Renaming a Child Server
Removing Child Servers Accidentally Removed from the Cascading Manager
Policy Management
Understanding Policy Management
Understanding Policy Types
Assigning Endpoints to Filtered Policies
Understanding the Policy List
Creating a Policy
Changing Setting Permissions
Copying Policy Settings
Editing a Policy
Deleting a Policy
Reordering the Policy List
Understanding the Managed Server List
Adding a Server
Editing a Server
Configuring the Proxy Settings
Updating the Policy Templates
Understanding Data Loss Prevention
Data Identifier Types
Expressions
Predefined Expressions
Viewing Settings for Predefined Expressions
Customized Expressions
Criteria for Customized Expression
Creating a Customized Expression
Importing Customized Expressions
File Attributes
Creating a File Attribute List
Importing a File Attribute List
Keywords
Predefined Keyword Lists
How Keyword Lists Work
Customized Keyword Lists
Customized Keyword List Criteria
Creating a Keyword List
Importing a Keyword List
Data Loss Prevention Templates
Predefined DLP Templates
Customized DLP Templates
Condition Statements and Logical Operators
Creating a Template
Importing Templates
Investigating Data Loss Prevention Incidents
Administrator Tasks
Setting Up Manager Information in Active Directory Users
Understanding DLP User Roles
Creating DLP Auditing Logs
DLP Incident Review Process
Understanding the Incident Information List
Reviewing Incident Details
Administering the Database
Understanding the Control Manager Database
Understanding the db_ControlManager Tables
Backing Up db_ControlManager Using osql
Restoring Backup db_ControlManager Using osql
Backing Up db_ControlManager Using SQL Server Management Studio
Restoring Backup db_ControlManager Using SQL Server Management Studio
Shrinking db_ControlManager_log.ldf Using SQL Server Management Studio
Shrinking the db_ControlManager_log.ldf File Size on Windows Server 2008/2005 SP 3
Shrinking the db_ControlManager_log.ldf File Size on Windows Server 2005
Shrinking db_ControlManager.mdf and db_ControlManager.ldf Using SQL Commands
Using Trend Micro Services
Understanding Trend Micro Services
Understanding Enterprise Protection Strategy
Highlighting the Value of EPS
Understanding Outbreak Prevention Services
Benefits of Outbreak Prevention Services
Activating Outbreak Prevention Services
Viewing Outbreak Prevention Services Status
Preventing Virus Outbreaks and Understanding Outbreak Prevention Mode
Understanding Outbreak Prevention Policies
Accessing the Outbreak Prevention Services Settings Screen
Updating Outbreak Prevention Policies
Updating Outbreak Prevention Policies Manually
Configuring Automatic Updates for Outbreak Prevention Policies
Starting Outbreak Prevention Mode
Editing an Outbreak Prevention Policy
Setting Automatic Outbreak Prevention Mode
Configuring Outbreak Prevention Mode Download Settings
Stopping Outbreak Prevention Mode
Viewing Outbreak Prevention Mode History
Using Outbreak Prevention Mode
Step 1: Identifying the Source of the Outbreak
Step 2: Evaluating Existing Policies
Step 3: Starting Outbreak Prevention Mode
Step 4: Follow-Up Procedures
Using Control Manager Tools
Using Agent Migration Tool (AgentMigrateTool.exe)
Using the Control Manager MIB File
Using the NVW Enforcer SNMPv2 MIB File
Using the DBConfig Tool
Getting Support
Before Contacting Technical Support
Contacting Technical Support
Resolve Issues Faster
TrendLabs
Other Useful Resources
Control Manager System Checklists
Server Address Checklist
Ports Checklist
Control Manager 2.x Agent Installation Checklist
Control Manager Conventions
Core Process and Configuration Files
Communication and Listening Ports
Control Manager Product Version Comparison
Data Views
Data Views: Product Information
License Information
Product License Status
Product License Information Summary
Detailed Product License Information
Managed Product Information
Product Distribution Summary
Product Status Information
ServerProtect and OfficeScan Server/Domain Status Summary
Product Event Information
Component Information
Engine Status
Pattern/Rule Status
Product Component Deployment
Engine Status Summary
Pattern/Rule Status Summary
Control Manager Information
User Access Information
Control Manager Event Information
Command Tracking Information
Detailed Command Tracking Information
Data View: Security Threat Information
Virus/Malware Information
Overall Virus/Malware Summary
Overall Virus/Malware Type Summary
Virus/Malware Source Summary
Virus/Malware Endpoint Summary
Web Violation Detection Over Time Summary
Virus/Malware Action/Result Summary
Detailed Virus/Malware Information
Detailed Endpoint Virus/Malware Information
Web Virus/Malware Information
Email Virus/Malware Information
Network Virus/Malware Information
Spyware/Grayware Information
Overall Spyware/Grayware Summary
Spyware/Grayware Source Summary
Endpoint Spyware/Grayware Summary
Spyware/Grayware Detection Over Time Summary
Spyware/Grayware Action/Result Summary
Detailed Spyware/Grayware Information
Detailed Endpoint Spyware/Grayware
Web Spyware/Grayware
Email Spyware/Grayware
Network Spyware/Grayware
Content Violation Information
Content Violation Policy Summary
Content Violation Sender Summary
Content Violation Detection Over Time Summary
Content Violation Action/Result Summary
Detailed Content Violation Information
Spam Violation Information
Spam Recipient Summary
Spam Detection Over Time Summary
Detailed Spam Information
Spam Connection Information
Policy/Rule Violation Information
Detailed Firewall Violation Information
Security Threat Endpoint Analysis Information
Detailed Endpoint Security Compliance Information
Detailed Application Activity
Web Violation/Reputation Information
Overall Web Violation Summary
Web Violation Endpoint Summary
Web Violation URL Summary
Web Violation Filter/Blocking Type Summary
Web Violation Detection Over Time Summary
Web Violation Detection Summary
Detailed Web Violation Information
Detailed Web Reputation Information
Suspicious Threat Information
Overall Suspicious Threat Summary
Suspicious Source Summary
Suspicious Riskiest Endpoints Summary
Suspicious Riskiest Recipient Summary
Suspicious Sender Summary
Suspicious Threat Protocol Detection Summary
Suspicious Threat Detection Over Time Summary
Detailed Suspicious Threat Information
Overall Threat Information
Network Security Threat Analysis Information
Network Protection Boundary Information
Security Threat Entry Analysis Information
Security Threat Source Analysis Information
Security Threat Endpoint Analysis Information
C&C Callback Information
Data View: Data Protection Information
Data Loss Prevention Information
DLP Incident Information
DLP Template Match Information
IPv6 Support in Control Manager
Control Manager Server Requirements
IPv6 Server Limitations
Configuring IPv6 Addresses
Screens That Display IP Addresses
Checking Policy Status
Policy Status
Templates for Policy Management
Deep Discovery Inspector Product Settings
Adding Monitored Network Groups
Adding Registered Services
Configuring Virtual Analyzer Settings
IMSVA Product Settings
IMSVA Rules
Adding IMSVA Rules
Step 1: Set Rule Name
Step 2: Select Recipients and Senders
Configuring Exceptions
Using the Asterisk Wildcard
Step 3: Select Templates
Step 4: Select Actions
Modifying Existing IMSVA Rules
Deleting IMSVA Rules
OfficeScan Client Settings
Enabling or Disabling the Client Services from the Web Console
Configuring Malware Behavior Blocking, Event Monitoring, and the Exception List
Event Monitoring
Managing Access to External Devices
Permissions for Storage Devices
Configuring Advanced Permissions
Advanced Permissions for Storage Devices
Specifying a Digital Signature Provider
Specifying a Program Path and Name
Configuring an Approved List of USB Devices
Device List Tool
Running the Device List Tool
Configuring a Manual Scan
Files to Scan
Scan Settings
CPU Usage
Scan Exclusions
Wildcard Exceptions
Scan Exclusion List (Directories)
Scan Exclusion List (Files)
Scan Exclusion List (File Extensions)
Apply Scan Exclusion Settings to All Scan Types
Virus/Malware Scan Actions
Use ActiveAction
Use the Same Action for all Virus/Malware Types
Use a Specific Action for Each Virus/Malware Type
Back Up Files Before Cleaning
Quarantine Directory
Damage Cleanup Services
Spyware/Grayware Scan Actions
Configuring Client Privileges and Other Settings
OfficeScan Client Roaming Privilege
Scan Type Privileges
Scheduled Scan Privileges and Other Settings
Granting Scheduled Scan Privileges and Displaying the Privilege Notification
Postpone Scheduled Scan
Skip and Stop Scheduled Scan
Scheduled Scan Privilege Notification
Firewall Privileges
Behavior Monitoring Privileges
Mail Scan Privileges and Other Settings
Granting Mail Scan Privileges and Enabling POP3 Mail Scan
SecureClient Support Installation
Proxy Configuration Privileges for Clients
Update Privileges and Other Settings for OfficeScan Clients
Perform "Update Now"
Enable Scheduled Update
Clients Download Updates From the Trend Micro ActiveUpdate Server
Clients Can Update Components but not Upgrade the Client Program or Deploy Hot Fixes
The OfficeScan Client Uninstallation Program
Granting the OfficeScan Client Uninstallation Privilege
OfficeScan Client Unloading
Granting the Client Unloading Privilege
Web Threat Notifications for Client Users
Client Self-protection
Protect OfficeScan Client Services
Protect Files in the OfficeScan Client Installation Folder
Protect OfficeScan Client Registry Keys
Protect OfficeScan Client Processes
Cache Settings for Scans
Digital Signature Cache
On-demand Scan Cache
OfficeScan Client Security
OfficeScan Client Console Access Restriction
Security Risk Notifications for OfficeScan Client Users
Configuring Real-time Scan Settings
User Activity on Files
Files to Scan
Scan Settings
Scan Exclusions
Wildcard Exceptions
Scan Exclusion List (Directories)
Scan Exclusion List (Files)
Scan Exclusion List (File Extensions)
Apply Scan Exclusion Settings to All Scan Types
Virus/Malware Scan Actions
Use ActiveAction
Use the Same Action for all Virus/Malware Types
Use a Specific Action for Each Virus/Malware Type
Display a Notification Message When Virus/Malware is Detected
Display a Notification Message When Probable Virus/Malware is Detected
Back Up Files Before Cleaning
Quarantine Directory
Damage Cleanup Services
Spyware/Grayware Scan Actions
Display a Notification Message When Spyware/Grayware is Detected
Managing the Spyware/Grayware Approved List
Scan Methods
Configuring Scan Now Settings
Files to Scan
Scan Settings
CPU Usage
Scan Exclusions
Wildcard Exceptions
Scan Exclusion List (Directories)
Scan Exclusion List (Files)
Scan Exclusion List (File Extensions)
Apply Scan Exclusion Settings to All Scan Types
Virus/Malware Scan Actions
Use ActiveAction
Use the Same Action for all Virus/Malware Types
Use a Specific Action for Each Virus/Malware Type
Back Up Files Before Cleaning
Quarantine Directory
Damage Cleanup Services
Spyware/Grayware Scan Actions
Configuring a Scheduled Scan
Schedule
Files to Scan
Scan Settings
CPU Usage
Scan Exclusions
Wildcard Exceptions
Scan Exclusion List (Directories)
Scan Exclusion List (Files)
Scan Exclusion List (File Extensions)
Apply Scan Exclusion Settings to All Scan Types
Virus/Malware Scan Actions
Use ActiveAction
Use the Same Action for all Virus/Malware Types
Use a Specific Action for Each Virus/Malware Type
Display a Notification Message When Virus/Malware is Detected
Display a Notification Message When Probable Virus/Malware is Detected
Back Up Files Before Cleaning
Quarantine Directory
Damage Cleanup Services
Spyware/Grayware Scan Actions
Display a Notification Message When Spyware/Grayware is Detected
Assigning an OfficeScan Client as an Update Agent
Configuring a Web Reputation Policy
OfficeScan DLP Settings
Creating a Data Loss Prevention Policy
Creating Data Loss Prevention Rules
Transmission Scope and Targets for Network Channels
Network Channels
Email Clients
System and Application Channels
Device List Tool
Running the Device List Tool
Data Loss Prevention Actions
Data Loss Prevention Exceptions
Defining Non-monitored and Monitored Targets
Decompression Rules
ScanMail for Microsoft Exchange Product Settings
Configuring a Data Loss Prevention Policy
Selecting Accounts
Configuring DLP Targets
Configuring DLP Actions
Configuring DLP Notifications
Enabling a DLP Policy
Trend Micro Security for Mac Product Settings
Configuring Cache Settings for Scans
Cache Settings for Scans
Configuring Manual Scan Settings
Scan Settings
CPU Usage
Scan Actions
Scan Action Options and Additional Settings
Terminology
Configuring Real-time Scan Settings
User Activity on Files
Scan Settings
Scan Actions
Scan Action Options and Additional Settings
Terminology
Configuring Scan Exclusion Lists
Scan Exclusions
Configuring Scheduled Scan Settings
Schedule
Scan Target
IntelliScan
Scan Settings
CPU Usage
Scan Actions
Scan Action Options and Additional Settings
Terminology
Configuring Agent Update Settings
Agent Updates
Launching Agent Update from the Agent Management Screen
Launching Agent Update from the Summary Screen
Pure IPv6 Agent Limitations
Server Update
Configuring Web Reputation Settings
Trend Micro Smart Protection
Web Reputation
Configuring the Approved URL List
Pure IPv6 Agent Limitations
Administering the Database
This
section
presents material administrators will need to manage the
Control Manager
network.
Understanding the Control Manager Database
Backing Up db_ControlManager Using osql
Backing Up db_ControlManager Using SQL Server Management Studio
Shrinking db_ControlManager_log.ldf Using SQL Server Management Studio
Shrinking db_ControlManager.mdf and db_ControlManager.ldf Using SQL Commands
