Trend Micro Apex One 2019 Server Online Help > Managing the Apex One Server and Agents > Managing the Security Agent
        • Online Help Center Home

        • Privacy and Personal Data Collection Disclosure
        • Preface
          • Apex One Documentation
          • Audience
          • Document Conventions
          • Terminology
        • Introduction and Getting Started
          • Introducing Apex One
            • About Apex One
            • What's New
            • Key Features and Benefits
            • The Apex One Server
            • The Security Agent
            • Integration with Trend Micro Products and Services
          • Getting Started with Apex One
            • The Web Console
              • Requirements for Opening the Web Console
              • Logon Account
              • The Web Console Banner
              • Getting Help
            • The Dashboard
              • Product License Status Section
              • Product Information Bars
              • Tabs and Widgets
                • Working with Tabs
                • Working with Widgets
              • Summary Tab Widgets
                • Overall Threat Detections and Policy Violations Widget
                • Endpoint Status Widget
                • Ransomware Summary Widget
                  • Security Threats - Ransomware Logs
                • Top Ransomware Detections Widget
                • Security Risk Detections Over Time Widget
              • Data Protection Widgets
                • Data Loss Prevention Incidents Over Time Widget
                • Top Data Loss Preventions Incidents Widget
              • Apex One Widgets
                • C&C Callback Events Widget
                • Security Risk Detections Widget
                • Apex One and Plug-ins Mashup Widget
                • Antivirus Agent Connectivity Widget
                • Agents Connected to the Edge Relay Server Widget
                • Outbreaks Widget
                • Agent Updates Widget
              • Management Widget
                • Agent-Server Connectivity Widget
            • Active Directory Integration
              • Integrating Active Directory with Apex One
              • Synchronizing Data with Active Directory Domains
            • The Apex One Agent Tree
              • Agent Connection Status
              • Agent Tree Icons
              • Searching the Agent Tree
                • Advanced Search Options
              • Agent Tree Specific Tasks
                • Agent Management Screen
                • Outbreak Prevention Screen
                • Agent Selection Screen
                • Rollback Screen
                • Security Risk Logs Screen
            • Apex One Domains
              • Agent Grouping
                • Manual Agent Grouping
                  • Configuring Manual Agent Grouping
                • Automatic Agent Grouping
                  • Configuring Automatic Agent Grouping
                • Defining Agent Grouping Rules by Active Directory Domains
                • Defining Agent Grouping Rules by IP Addresses
                • Agent Grouping Tasks
                  • Adding a Domain
                  • Deleting a Domain or Agent
                  • Renaming a Domain
                  • Moving Security Agents to Another Domain or Server
          • Getting Started with Data Protection
            • Data Protection Installation
              • Installing Data Protection
            • Data Protection License
              • Activating the Plug-in Program License
              • Viewing and Renewing the License Information
            • Deployment of Data Protection to Security Agents
              • Deploying the Data Protection Module to Security Agents
            • Forensic Folder and DLP Database
              • Modifying the Forensic Folder and Database Settings
              • Creating a Backup of Forensic Data
            • Uninstalling Data Protection
              • Uninstalling Data Protection from Plug-in Manager
        • Protecting Security Agents
          • Using Trend Micro Smart Protection
            • About Trend Micro Smart Protection
              • The Need for a New Solution
            • Smart Protection Services
              • File Reputation Services
              • Web Reputation Services
              • Smart Feedback
            • Smart Protection Sources
              • Trend Micro Smart Protection Network
              • Smart Protection Server
              • Smart Protection Sources Compared
            • Smart Protection Pattern Files
              • Smart Scan Agent Pattern
              • Smart Scan Pattern
              • Web Blocking List
              • Smart Protection Pattern Update Process
              • Usage of Smart Protection Patterns
            • Setting Up Smart Protection Services
              • Smart Protection Server Installation
                • Standalone Smart Protection Server Installation
                • Integrated Smart Protection Server Installation
                  • Integrated Smart Protection Server Tool
                • Smart Protection Server Best Practices
                  • Customizing ptngrowth.ini for the Standalone Server
                  • Customizing ptngrowth.ini for the Integrated Server
              • Integrated Smart Protection Server Management
                • Enabling the Integrated Server’s File Reputation Services and Web Reputation Services
                • Recording the Integrated Server’s Addresses
                • Updating the Integrated Server’s Components
                • Integrated Server’s Approved/Blocked URL List Configuration
                • Configuring Integrated Smart Protection Server Settings
              • Smart Protection Source List
                • IPv6 Support for Smart Protection Sources
                • Smart Protection Sources and Endpoint Location
                • Configuring the Standard List of Smart Protection Sources
                • Configuring Custom Lists of Smart Protection Sources
              • Agent Connection Proxy Settings
              • Endpoint Location Settings
              • Trend Micro Network VirusWall Installations
            • Using Smart Protection Services
          • Installing the Security Agent
            • Security Agent Fresh Installations
            • Installation Considerations
              • Security Agent Features
              • Security Agent Installation and IPv6 Support
                • Installation Methods
                • Agent IP Addresses
                  • Configuring the IP Address that Dual-stack Agents Use When Registering to the Server
            • Deployment Considerations
              • Installing from the Web Install Page
              • Email Link Installation
                • Sending an Email Link
              • Performing a UNC-based Installation
              • Installing Remotely from the Apex One Web Console
              • Installing with Login Script Setup
                • Security Agent Installation
                • Program and Component Updates
                • Windows Server Scripts
                • Adding Autopcc.exe to the Login Script Using Login Script Setup
              • Installing with Agent Packager
                • Package Deployment Guidelines
                  • Scan Method Guidelines for Agent Packages
                • Creating an Installation Package Using Agent Packager
                • Deploying an MSI Package Using Active Directory
                • Deploying an MSI Package Using Microsoft SMS
                  • Obtaining the Package Locally
                  • Obtaining the Package Remotely
                  • Distributing the Package to Target Endpoints
              • Installations Using Agent Disk Images
                • Creating a Disk Image of the Security Agent
              • Vulnerability Scanner Usage
                • Considerations When Using Vulnerability Scanner
                  • Network Administration
                  • Network Topology and Architecture
                  • Software/Hardware Specifications
                  • Domain Structure
                  • Network Traffic
                  • Network Size
                • Guidelines When Installing the Security Agent Using Vulnerability Scanner
                • Vulnerability Scan Methods
                  • Running a Manual Vulnerability Scan
                  • Configuring a Scheduled Vulnerability Scan
                • Vulnerability Scan Settings
                  • Product Query
                    • Configuring Product Query Settings
                  • Method for Retrieving Endpoint Descriptions
                    • Configuring Retrieval Settings
                  • Notifications
                    • Configuring Notification Settings
                  • Vulnerability Scan Results
                    • Configuring Scan Results
                  • Ping Settings
                    • Configuring Ping Settings
                  • Apex One Server Settings
                    • Configuring Apex One Server Settings
              • Installing with Security Compliance
                • Installing the Security Agent
            • Migrating to the Security Agent
              • Migrating from Other Endpoint Security Software
                • Security Agent Migration Issues
              • Migrating from ServerProtect Normal Servers
                • Using the ServerProtect Normal Server Migration Tool
            • Post-installation
              • Programs List
              • Security Agent Services
              • Security Agent Installation Logs
              • Recommended Post-installation Tasks
                • Component Updates
                • Test Scan Using the EICAR Test Script
                  • Performing a Test Scan
            • Security Agent Uninstallation
              • Uninstalling the Security Agent from the Web Console
              • The Security Agent Uninstallation Program
                • Granting the Security Agent Uninstallation Privilege
                • Running the Security Agent Uninstallation Program
          • Keeping Protection Up-to-Date
            • Apex One Components and Programs
              • Antivirus Components
                • Updating the Scan Engine
              • Anti-spyware Components
              • Damage Cleanup Services Components
              • Firewall Components
              • Behavior Monitoring Components
              • Suspicious Connections Components
              • Browser Exploit Solution
              • Programs
                • Hot Fix and Patch History
              • Web Reputation Component
            • Update Overview
              • Apex One Server and Security Agent Update
              • Smart Protection Source Update
            • Apex One Server Updates
              • Apex One Server Update Sources
                • IPv6 Support for Apex One Server Updates
              • Proxy for Apex One Server Updates
                • Configuring Server Proxy Settings
              • Configuring the Server Update Source
              • Apex One Server Component Duplication
                • Component Duplication Scenario
              • Isolated Apex One Server Updates
                • Updating an Isolated Apex One Server
              • Apex One Server Update Methods
                • Manually Updating the Apex One Server
                • Scheduling Updates for the Apex One Server
              • Apex One Server Update Logs
                • Viewing the Update Logs
            • Integrated Smart Protection Server Updates
            • Security Agent Updates
              • Security Agent Update Sources
                • IPv6 Support for Security Agent Updates
                • Standard Update Source for Security Agents
                  • Configuring the Standard Update Source for Security Agents
                  • Security Agent Update Process
                • Customized Update Sources for Security Agents
                  • Configuring Customized Update Sources for Security Agents
                  • Security Agent Update Process
                • ActiveUpdate Server as the Security Agent Update Source
                  • Limiting Downloads from the ActiveUpdate Server
              • Security Agent Update Methods
                • Security Agent Automatic Updates
                  • Event-triggered Updates
                  • Schedule-based Updates
                  • Configuring Security Agent Automatic Updates
                  • Configuring Scheduled Security Agent Updates with NAT
                • Using the Domains Schedule Update Tool
                • Security Agent Manual Updates
                  • Updating Security Agents Manually
                • Configuring Update Privileges and Other Settings
              • Configuring Reserved Disk Space for Security Agents Updates
              • Proxy for Security Agent Component Updates
              • Configuring Security Agent Update Notifications
              • Viewing Security Agent Update Logs
              • Enforcement of Security Agent Updates
              • Rolling Back Components for Security Agents
              • Running the Touch Tool for Security Agent Hot Fixes
            • Update Agents
              • Update Agent System Requirements
              • Update Agent Configuration
                • Assigning Security Agents as Update Agents
                • Specifying the Security Agents that Update from an Update Agent
              • Update Sources for Update Agents
                • IPv6 Support for Update Agents
                • Standard Update Source for Update Agents
                • Customized Update Sources for Update Agents
                • Configuring the Update Source for the Update Agent
                • Update Agent Component Duplication
              • Update Methods for Update Agents
                • Using the Scheduled Update Configuration Tool
              • Update Agent Analytical Report
            • Component Update Summary
              • Update Status for Security Agents
              • Components
          • Scanning for Security Risks
            • About Security Risks
              • Viruses and Malware
              • Spyware and Grayware
                • How Spyware/Grayware Gets into the Network
                • Potential Risks and Threats
                • Guarding Against Spyware/Grayware and Other Threats
            • Scan Method Types
              • Default Scan Method
              • Scan Methods Compared
              • Changing the Scan Method
              • Switching from Smart Scan to Conventional Scan
              • Switching from Conventional Scan to Smart Scan
            • Scan Types
              • Real-time Scan
                • Configuring Real-time Scan Settings
              • Manual Scan
                • Configuring Manual Scan Settings
              • Scheduled Scan
                • Configuring Scheduled Scan Settings
              • Scan Now
                • Configuring Scan Now Settings
                • Initiating Scan Now
            • Settings Common to All Scan Types
              • Scan Criteria
                • User Activity on Files
                • Files to Scan
                • Scan Settings
                • CPU Usage
                • Schedule
              • Scan Exclusions
                • Wildcard Exceptions
                • Scan Exclusion List (Directories)
                  • Supported System Variables for Scan Exclusion List (Directories)
                • Scan Exclusion List (Files)
                • Scan Exclusion List (File Extensions)
                • Apply Scan Exclusion Settings to All Scan Types
              • Scan Actions
                • Virus/Malware Scan Actions
                • Use ActiveAction
                • Use the Same Action for all Virus/Malware Types
                • Use a Specific Action for Each Virus/Malware Type
                • Quarantine Directory
                • Back Up Files Before Cleaning
                • Damage Cleanup Services
                • Display a Notification Message When Virus/Malware is Detected
                • Display a Notification Message When Probable Virus/Malware is Detected
              • Restoring Quarantined Files
              • Restoring Encrypted Files
                • Decrypting and Restoring Files
              • Spyware/Grayware Scan Actions
                • Display a Notification Message When Spyware/Grayware is Detected
              • Spyware/Grayware Approved List
                • Adding Already Detected Spyware/Grayware to the Approved List
                • Managing the Spyware/Grayware Approved List
              • Restoring Spyware/Grayware
              • Trusted Program List
                • Configuring the Trusted Programs List
            • Scan Privileges and Other Settings
              • Scan Type Privileges
                • Granting Scan Type Privileges
                • Configuring Scan Settings for the Security Agent
              • Scheduled Scan Privileges and Other Settings
                • Postpone Scheduled Scan
                • Skip and Stop Scheduled Scan
                • Scheduled Scan Privilege Notification
                • Granting Scheduled Scan Privileges and Displaying the Privilege Notification
                • Postponing/Skipping and Stopping Scheduled Scan on the Agent
              • Mail Scan Privileges and Other Settings
                • Granting Mail Scan Privileges and Enabling POP3 Mail Scan
              • Cache Settings for Scans
                • Digital Signature Cache
                • On-demand Scan Cache
                • Configuring Cache Settings for Scans
              • Trusted Program List Privilege
                • Granting the Trusted Program List Settings
            • Global Scan Settings
              • Configuring Global Scan Settings
                • Scan Settings Section
                  • Exclude the Apex One Server Database Folder from Real-time Scan
                  • Exclude Microsoft Exchange Server Folders and Files from Scans
                  • Enable Deferred Scanning on File Operations
                  • Enable Early Launch Anti-Malware Protection on Endpoints
                  • Clean/Delete Infected Files Within Compressed Files
                  • Enable Assessment Mode
                  • Scan for Cookies
                • Scheduled Scan Settings Section
                  • Remind Users of the Scheduled Scan __ Minutes Before it Runs
                  • Postpone Scheduled Scan for up to __ Hours and __ Minutes
                  • Automatically Stop Scheduled Scan When Scanning Lasts More Than __ Hours and __ Minutes
                  • Skip Scheduled Scan When a Wireless Endpoint's Battery Life is Less Than __ % and its AC Adapter is Unplugged
                  • Resume a Missed Scheduled Scan
            • Security Risk Notifications
              • Security Risk Notifications for Administrators
                • Configuring Security Risk Notifications for Administrators
              • Security Risk Notifications for Security Agent Users
                • Notifying Users of Virus/Malware and Spyware/Grayware Detections
                • Configuring Virus/Malware Notifications for Security Agents
                • Configuring Spyware/Grayware Notifications
              • Notifying Agents of a Restart to Finish Cleaning Infected Files
            • Security Risk Logs
              • Viewing Virus/Malware Logs
                • Virus/Malware Scan Results
                • Viewing Central Quarantine Restore Logs
              • Viewing Spyware/Grayware Logs
                • Spyware/Grayware Scan Results
                • Viewing Spyware/Grayware Restore Logs
              • Viewing Suspicious File Logs
              • Viewing Scan Operation Logs
            • Security Risk Outbreaks
              • Security Risk Outbreak Criteria and Notifications
                • Configuring the Security Risk Outbreak Criteria and Notifications
              • Configuring Security Risk Outbreak Prevention
              • Outbreak Prevention Policies
                • Limiting/Denying Access to Shared Folders
                • Blocking Vulnerable Ports
                • Denying Write Access to Files and Folders
                • Creating Mutual Exclusion Handling on Malware Processes/Files
                • Denying Access to Executable Compressed Files
              • Disabling Outbreak Prevention
          • Protecting Against Unknown Threats
            • Predictive Machine Learning
              • Configuring Predictive Machine Learning Settings
            • Suspicious Connection Service
              • Configuring Global User-defined IP List Settings
              • Configuring Suspicious Connection Settings
            • Sample Submission
              • Configuring Sample Submission
            • Unknown Threat Logs
              • Viewing Predictive Machine Learning Logs
                • Predictive Machine Learning Log Details
              • Viewing Suspicious Connection Logs
              • Viewing Sample Submission Logs
          • Using Behavior Monitoring
            • Behavior Monitoring
              • Malware Behavior Blocking
                • Ransomware Protection
                • Anti-Exploit Protection
              • Newly Encountered Program Protection
              • Event Monitoring
              • Behavior Monitoring Exception List
                • Exception List Wildcard Support
                • Exception List Environment Variable Support
              • Configuring Malware Behavior Blocking, Event Monitoring, and the Exception List
            • Configuring Global Behavior Monitoring Settings
            • Behavior Monitoring Privileges
              • Granting Behavior Monitoring Privileges
            • Behavior Monitoring Notifications for Security Agent Users
              • Enabling the Sending of Notification Messages
              • Modifying the Content of the Notification Message
            • Behavior Monitoring Logs
              • Viewing Behavior Monitoring Logs
              • Configuring the Behavior Monitoring Log Sending Schedule
          • Using Device Control
            • Device Control
            • Permissions for Storage Devices
              • Advanced Permissions for Storage Devices
                • Specifying a Digital Signature Provider
                • Wildcard Support for the Device Control Allowed Programs List
            • Permissions for Non-storage Devices
            • Managing Access to External Devices (Data Protection Activated)
              • Configuring Advanced Permissions
              • Configuring an Approved List of USB Devices
              • Device List Tool
                • Running the Device List Tool
            • Managing Access to External Devices (Data Protection Not Activated)
              • Adding Programs to the Device Control Lists Using ofcscan.ini
            • Modifying Device Control Notifications
            • Device Control Logs
              • Viewing Device Control Logs
          • Using Data Loss Prevention
            • Data Loss Prevention (DLP)
            • Data Loss Prevention Policies
              • Policy Configuration
            • Data Identifier Types
              • Expressions
                • Predefined Expressions
                  • Viewing Settings for Predefined Expressions
                • Customized Expressions
                  • Criteria for Customized Expressions
                  • Creating a Customized Expression
                  • Importing Customized Expressions
              • File Attributes
                • Predefined File Attributes List
                • Creating a File Attribute List
                • Importing a File Attribute List
              • Keywords
                • Predefined Keyword Lists
                • How Keyword Lists Work
                  • Number of Keywords Condition
                  • Distance Condition
                • Customized Keyword Lists
                  • Customized Keyword List Criteria
                  • Creating a Keyword List
                  • Importing a Keyword List
            • Data Loss Prevention Templates
              • Predefined DLP Templates
              • Customized DLP Templates
                • Condition Statements and Logical Operators
                • Creating a Template
                • Importing Templates
            • DLP Channels
              • Network Channels
                • Email Clients
                • FTP
                • HTTP and HTTPS
                • IM Applications
                • SMB Protocol
                • Webmail
              • Transmission Scope and Targets for Network Channels
                • Transmission Scope: All Transmissions
                • Transmission Scope: Only Transmissions Outside the Local Area Network
                • Resolving Conflicts
              • System and Application Channels
                • Cloud Storage Service
                • Data Recorders (CD/DVD)
                  • Blocking Access to Data Recorders (CD/DVD)
                • Peer-to-Peer Applications
                • PGP Encryption
                • Printer
                • Removable Storage
                • Synchronization Software (ActiveSync)
                • Windows Clipboard
            • Data Loss Prevention Actions
            • Data Loss Prevention Exceptions
              • Defining Non-monitored and Monitored Targets
              • Decompression Rules
                • Rule 1: Maximum Size of a Decompressed File
                • Rule 2: Maximum Compression Layers
                • Rule 3: Maximum Number of Files to Scan
                • Events that Trigger Decompression Rules
            • Data Loss Prevention Policy Configuration
              • Creating a Data Loss Prevention Policy
              • Creating Data Loss Prevention Rules
              • Importing, Exporting, and Copying DLP Rules
            • Data Loss Prevention Notifications
              • Data Loss Prevention Notifications for Administrators
                • Configuring Data Loss Prevention Notification for Administrators
              • Data Loss Prevention Notifications for Agent Users
                • Configuring Data Loss Prevention Notification for Agents
            • Data Loss Prevention Logs
              • Viewing Data Loss Prevention Logs
                • Processes by Channel
                • Data Loss Prevention Log Details
              • Enabling Debug Logging for the Data Protection Module
          • Using Web Reputation
            • About Web Threats
            • Command & Control Contact Alert Services
            • Web Reputation
            • Web Reputation Policies
              • Configuring a Web Reputation Policy
                • HTTPS URL Scan Support
            • Web Threat Notifications for Agent Users
              • Enabling the Web Threat Notification Message
              • Modifying the Web Threat Notifications
            • C&C Callback Notifications for Administrators
              • Configuring C&C Callback Notifications for Administrators
            • C&C Contact Alert Notifications for Agent Users
              • Enabling the C&C Callback Notification Message
              • Modifying the C&C Callback Notifications
            • C&C Callback Outbreaks
              • Configuring the C&C Callback Outbreak Criteria and Notifications
            • Web Threat Logs
              • Viewing Web Reputation Logs
              • Viewing C&C Callback Logs
          • Using the Apex One Firewall
            • About the Apex One Firewall
              • Traffic Filtering
              • Application Filtering
              • Certified Safe Software List
              • Scanning for Network Viruses
              • Customizable Profiles and Policies
              • Stateful Inspection
              • Intrusion Detection System
              • Firewall Violation Outbreak Monitor
              • Security Agent Firewall Privileges
            • Enabling or Disabling the Apex One Firewall
            • Firewall Policies and Profiles
              • Firewall Policies
                • Default Firewall Policies
                • Adding a Firewall Policy
                • Modifying an Existing Firewall Policy
                • Editing the Firewall Exception Template
                  • Adding a Firewall Policy Exception
                  • Modifying a Firewall Policy Exception
                  • Saving the Policy Exception List Settings
              • Firewall Profiles
                • Configuring the Firewall Profile List
                • Adding and Editing a Firewall Profile
                  • Adding a Firewall Profile
                  • Modifying a Firewall Profile
            • Firewall Privileges
              • Granting Firewall Privileges
            • Global Firewall Settings
              • Configuring Global Firewall Settings
            • Firewall Violation Notifications for Security Agent Users
              • Granting Users the Privilege to Enable/Disable the Notification Message
              • Modifying the Content of the Firewall Notification Message
            • Firewall Logs
              • Viewing Firewall Logs
            • Firewall Violation Outbreaks
              • Configuring the Firewall Violation Outbreak Criteria and Notifications
            • Testing the Apex One Firewall
        • Managing the Apex One Server and Agents
          • Managing the Apex One Server
            • Role-based Administration
              • User Accounts
                • Agent Management Menu Items
                • Adding a User Account
                  • Defining Permissions for Domains
              • User Roles
                • Built-in User Roles
                • Adding a Custom Role
                  • Menu Items for Servers and Agents
                  • Menu Items for Managed Domains
                • Importing or Exporting Custom Roles
            • Trend Micro Apex Central
              • Apex Central Integration in this Apex One Release
              • Enhanced Product Integration Through Apex Central
              • Supported Apex Central Versions
              • Registering Apex One to Apex Central
                • Apex Central Certificate Authorization
              • Checking the Apex One Status on the Apex Central Management Console
            • The Apex One Settings Export Tool
              • Using the Apex One Settings Export Tool
            • Suspicious Object List Settings
              • Configuring Suspicious Object List Settings
            • Reference Servers
              • Managing the Reference Server List
            • Administrator Notification Settings
              • Configuring General Notification Settings
            • System Event Logs
              • Viewing System Event Logs
            • Log Management
              • Log Maintenance
                • Deleting Logs Based on a Schedule
                • Manually Deleting Logs
            • Licenses
              • Managing License Information
            • SQL Server Database Connection Settings
              • Configuring the SQL Server Database Connection
              • Configuring the SQL Database Unavailable Alert
            • Apex One Web Server/Agent Connection Settings
              • Configuring Connection Settings
            • Server-Agent Communication
              • Authentication of Server-initiated Communications
                • Using Authentication Certificate Manager
              • Enhanced Encryption of Server-Agent Communication
            • Web Console Password
            • Configuring Web Console Settings
            • Quarantine Manager
              • Configuring Quarantine Directory Settings
            • Server Tuner
              • Running Server Tuner
            • Smart Feedback
              • Participating in the Smart Feedback Program
          • Managing the Security Agent
            • Endpoint Location
              • Location Criteria
              • Configuring Location Settings
              • Gateway Settings Importer
                • Using Gateway Settings Importer
            • Security Agent Program Management
              • Security Agent Services
                • Excluding Security Agent Services and Processes in Third-Party Applications
                • Configuring Additional Security Agent Services
                • Using the Trend Micro Performance Tuning Tool
              • Security Agent Service Restart
                • Configuring Service Restart Settings
              • Security Agent Self-protection
                • Configuring Security Agent Self-protection Settings
                • Protect Security Agent Services
                • Protect Files in the Security Agent Installation Folder
                • Protect Security Agent Registry Keys
                • Protect Security Agent Processes
              • Security Agent Console Access Restriction
                • Restricting Access to the Security Agent Console
              • Security Agent Unloading and Unlocking
                • Granting the Agent Unloading and Unlocking Privilege
              • Security Agent Independent Mode Privilege
                • Granting the Agent Independent Mode Privilege
                • Disabling Automatic Agent Update on Independent Agents
                • Revoking the Scheduled Update Privilege on Independent Agents
              • Security Agent Language Configuration
                • Configuring Security Agent Language Settings
              • Agent Mover
                • Running Agent Mover
              • Inactive Security Agents
                • Automatically Removing Inactive Agents
            • Agent-Server Connection
              • Security Agent Icons
                • Smart Scan Icons
                • Conventional Scan Icons
                • Solutions to Issues Indicated in Security Agent Icons
              • Agent-Server Connection Verification
                • Verifying Agent-Server Connections
              • Connection Verification Logs
                • Viewing Connection Verification Logs
              • Unreachable Agents
                • Heartbeat
                • Server Polling
                • Configuring the Heartbeat and Server Polling Features
            • Security Agent Proxy Settings
              • Configuring Internal Agent Proxy Settings
              • Configuring External Agent Proxy Settings
              • Configuring Global Smart Protection Service Proxy Settings
              • Granting Proxy Configuration Privileges
            • Viewing Security Agent Information
            • Importing and Exporting Agent Settings
              • Exporting Agent Settings
              • Importing Agent Settings
            • Security Compliance
              • Security Compliance for Managed Agents
                • Services
                • Components
                • Scan Compliance
                • Settings
              • On-demand Compliance Reports
                • Generating an On-demand Compliance Report
              • Scheduled Compliance Reports
                • Configuring Settings for Scheduled Compliance Reports
              • Security Compliance for Unmanaged Endpoints
                • Defining the Active Directory/IP Address Scope and Query
                • Viewing the Query Results
                • Configuring the Scheduled Query Assessment
            • Trend Micro Virtual Desktop Support
              • Virtual Desktop Support System Requirements
              • Virtual Desktop Support Installation
                • Installing Virtual Desktop Support
              • Virtual Desktop Support License
                • Activating or Renewing Virtual Desktop Support
                • Viewing License Information for Virtual Desktop Support
              • Virtual Server Connections
                • Adding Server Connections
                • Adding Additional Server Connections
                • Deleting a Connection Setting
              • Changing the VDI Scan Capacity
              • Troubleshooting Microsoft Hyper-V Connections
                • Allowing WMI Communication through the Windows Firewall
                • Opening Port Communication through the Windows Firewall or a Third-party Firewall
              • VDI Pre-Scan Template Generation Tool
                • Creating a Pre-scan Template
                • Removing GUIDs from Templates
            • Global Agent Settings
            • Configuring Agent Privileges and Other Settings
        • Providing Additional Protection
          • Protecting Off-premises Agents
            • Edge Relay Server
            • Edge Relay Server System Requirements
            • Installing the Edge Relay Server
            • Upgrading the Edge Relay Server
            • Edge Relay Server Registration Tool
              • Using the Edge Relay Server Registration Tool
                • Register to an Apex One Server
                • Unregister from an Apex One Server
                • Renew a Self-Signed Certificate (includes OsceEdgeRoot CA, webhost, and OsceOPA)
                • Bind Customer-Specific Certificates with Webhost and OsceOPA Certificates
                • Delete All IIS Rules (after unregistering from all Apex One servers)
              • Binding Customer-Specific Certificates with the Edge Relay Server
            • Viewing the Edge Relay Server Connection in Apex One
            • Managing Edge Relay Server Certificates
          • Using Plug-in Manager
            • About Plug-in Manager
              • Plug-in Program Agents on Endpoints
              • Widgets
            • Plug-in Manager Installation
              • Performing Post-installation Tasks
            • Native Apex One Feature Management
            • Managing Plug-in Programs
              • Plug-in Program Installation
                • Installing Plug-in Programs
                • Activating the Plug-in Program License
                • Viewing and Renewing the License Information
              • Plug-in Program Management
                • Managing Plug-in Programs
              • Plug-in Program Upgrades
                • Upgrading Plug-in Programs
              • Plug-in Program Uninstallation
                • Uninstalling Plug-in Programs from the Plug-in Manager Console
            • Uninstalling Plug-in Manager
            • Troubleshooting Plug-in Manager
              • Plug-in Program Does not Display on the Plug-in Manager Console
              • Plug-in Agent Installation and Display Issues on Endpoints
              • Agents on the Endpoints Cannot be Launched if the Automatic Configuration Script Setting on Internet Explorer Redirects to a Proxy Server
              • An Error in the System, Update Module, or Plug-in Manager Program occurred and the Error Message Provides a Certain Error Code
          • Troubleshooting Resources
            • Support Intelligence System
            • Case Diagnostic Tool
            • Trend Micro Performance Tuning Tool
            • Apex One Server Logs
              • Server Debug Logs Using LogServer.exe
                • Debug Logging
                • Enabling Debug Logging for Server Installation and Upgrade
              • Installation Logs
              • Active Directory Logs
              • Role-based Administration Logs
              • Security Agent Grouping Logs
              • Component Update Logs
                • Getting Detailed Server Update Information
                • Stopping the Collection of Detailed Server Update Information
              • Agent Packager Logs
                • Enabling Logging for Agent Packager Creation
                • Disabling Logging for Agent Packager Creation
              • Security Compliance Report Logs
              • Outside Server Management Logs
              • Device Control Exception Logs
              • Integrated Smart Protection Server Web Reputation Logs
              • ServerProtect Normal Server Migration Tool Logs
              • VSEncrypt Logs
              • Apex Central MCP Agent Logs
                • Enabling Debug Logging for the MCP Agent
                • Disabling Debug Logging for the MCP Agent
              • Outbreak Logs
              • Virtual Desktop Support Logs
            • Security Agent Logs
              • Security Agent Debug Logs Using LogServer.exe
              • Fresh Installation Logs
              • Upgrade/Hot Fix Logs
              • Damage Cleanup Services Logs
              • Mail Scan Logs
              • Security Agent Connection Logs
              • Security Agent Update Logs
                • Getting Detailed Security Agent Update Information
              • Virus Scan Engine Logs
              • Outbreak Prevention Logs
              • Outbreak Prevention Restore Logs
              • Behavior Monitoring Debug Logs
              • Apex One Firewall Logs
                • Enabling Debug Logging for the Common Firewall Driver (all operating systems)
                • Disabling Debug Logging for the Common Firewall Driver (all operating systems)
                • Enabling Debug Logging for the Apex One NT Firewall Service
                • Disabling Debug Logging for the Apex One NT Firewall Service
              • Web Reputation and POP3 Mail Scan Logs
                • Enabling Debug Logging for the Web Reputation and POP3 Mail Scan Features
                • Disabling Debug Logging for the Web Reputation and POP3 Mail Scan Features
              • Device Control Exception List Logs
              • Data Protection Debug Logs
              • Windows Event Logs
              • Transport Driver Interface (TDI) Logs
          • Technical Support
            • Troubleshooting Resources
              • Using the Support Portal
              • Threat Encyclopedia
            • Contacting Trend Micro
              • Speeding Up the Support Call
            • Sending Suspicious Content to Trend Micro
              • Email Reputation Services
              • File Reputation Services
              • Web Reputation Services
            • Other Resources
              • Download Center
              • Documentation Feedback
        • Appendices
          • IPv6 Support in Apex One
            • IPv6 Support for Apex One Server and Agents
              • Apex One Server Requirements
              • Pure IPv6 Server Limitations
              • Pure IPv6 Security Agent Limitations
            • Configuring IPv6 Addresses
            • Screens That Display IP Addresses
          • Windows Server Core Support
            • Windows Server Core Support
            • Installation Methods for Windows Server Core
              • Installing the Security Agent Using Login Script Setup
              • Installing the Security Agent Using the Security Agent Package
            • Security Agent Features on Windows Server Core
            • Windows Server Core Commands
          • Apex One Rollback
            • Rolling Back the Apex One Server and Security Agents Using the Server Backup Package
              • Rolling Back the Security Agents
              • Restoring the Previous OfficeScan Server Version
          • Glossary
            • ActiveUpdate
            • Compressed File
            • Cookie
            • Denial of Service Attack
            • DHCP
            • DNS
            • Domain Name
            • Dynamic IP Address
            • ESMTP
            • End User License Agreement
            • False Positive
            • FTP
            • GeneriClean
            • Hot Fix
            • HTTP
            • HTTPS
            • ICMP
            • IntelliScan
            • IntelliTrap
            • IP
            • Java File
            • LDAP
            • Listening Port
            • MCP Agent
            • Mixed Threat Attack
            • NAT
            • NetBIOS
            • One-way Communication
            • Patch
            • Phish Attack
            • Ping
            • POP3
            • Proxy Server
            • RPC
            • Security Patch
            • Service Pack
            • SMTP
            • SNMP
            • SNMP Trap
            • SSL
            • SSL Certificate
            • TCP
            • Telnet
            • Trojan Port
            • Trusted Port
              • Determining the Trusted Ports
            • Two-way Communication
            • UDP
            • Uncleanable Files
              • Files Infected with Trojans
                • Files Infected with Worms
                • Write-protected Infected Files
                • Password-protected Files
                • Backup Files

        Managing the Security Agent

        This chapter describes Security Agent management and configurations.

        Topics include:

        • Endpoint Location
        • Security Agent Program Management
        • Agent-Server Connection
        • Security Agent Proxy Settings
        • Viewing Security Agent Information
        • Importing and Exporting Agent Settings
        • Security Compliance
        • Trend Micro Virtual Desktop Support
        • Global Agent Settings
        • Configuring Agent Privileges and Other Settings
        Parent topic: Managing the Apex One Server and Agents