Configuring Global Scan Settings

  1. Go to Agents > Global Agent Settings.
  2. Click the Security Settings tab and configure the Global Scan Settings in each of the available sections.
  3. Click the System tab.
  4. In the Certified Safe Software Service Settings section, configure the Enable the Certified Safe Software Service for Behavior Monitoring, Firewall, and antivirus scans setting.

    The Certified Safe Software Service queries Trend Micro datacenters to verify the safety of a program detected by Malware Behavior Blocking, Event Monitoring, Firewall, or antivirus scans. Enable Certified Safe Software Service to reduce the likelihood of false positive detections.


    Ensure that Security Agents have the correct proxy settings (for details, see Security Agent Proxy Settings) before enabling Certified Safe Software Service. Incorrect proxy settings, along with an intermittent Internet connection, can result in delays or failure to receive a response from Trend Micro datacenters, causing monitored programs to appear unresponsive.

    In addition, pure IPv6 Security Agents cannot query directly from Trend Micro datacenters. A dual-stack proxy server that can convert IP addresses, such as DeleGate, is required to allow the Security Agents to connect to the Trend Micro datacenters.

  5. Click the Network tab.
  6. In the Virus/Malware Log Bandwidth Settings section, configure the Enable the Security Agent to create a single virus/malware log entry for recurring detections of the same virus/malware within an hour setting.

    Apex One consolidates virus log entries when detecting multiple infections from the same virus/malware over a short period of time. Apex One may detect a single virus/malware multiple times, quickly filling the virus/malware log and consuming network bandwidth when the Security Agent sends log information to the server. Enabling this feature helps reduce both the number of virus/malware log entries made and the amount of network bandwidth Security Agents consume when they report virus log information to the server.

  7. Click the Agent Control tab.
  8. In the General Settings section, configure the Add Manual Scan to the Windows shortcut menu on endpoints setting.

    When this setting is enabled, all Security Agents managed by the server add a Scan with Apex One option to the right-click menu in Windows Explorer. When users right-click a file or folder on the Windows desktop or in Windows Explorer and select the option, Manual Scan scans the file or folder for virus/malware and spyware/grayware.

  9. Click Save.