Adding Objects to the User-Defined Suspicious Object List

You can protect your network from objects not yet identified on your network by adding the suspicious objects to the User-Defined Suspicious Objects list. Control Manager provides you the options to add objects based on the file, file SHA-1, domain, IP address, or URL. You can also specify the scan action that supported Trend Micro products take after detecting the suspicious objects (excluding domain objects).

  1. Go to Administration > Suspicious Objects > User-Defined Objects.

    The User-Defined Suspicious Objects screen appears.

  2. Click Add.
  3. Specify the Type of object.

    • File: Click Browse to upload a suspicious object file.

    • File SHA-1: Specify the SHA-1 hash value for the file.

    • IP address: Specify the IP address.

    • URL: Specify the URL.

    • Domain: Specify the domain.

  4. Specify the Scan action that supported products take after detecting the object.

    • Log

    • Block

    • Quarantine

      Note:

      This option is only available for File or File SHA-1 objects.

  5. (Optional) Specify a Note to assist in identifying the suspicious object.
  6. Click Add.

    The object appears in the User-Defined Suspicious Objects list. Managed products that subscribe to the suspicious objects lists receive the new object information during the next synchronization.

Parent topic: Preemptive Protection Against Suspicious Objects