A window appears, indicating that the system needs reboot to apply the configuration. To reboot the system, click OK. To go back to the Proxy screen, click Cancel.
After the system is successfully rebooted, the on-premises gateway works in the upstream proxy mode.
The TMWS on-premises gateway can return three optional headers from the ICAP server whenever a virus is found or returns information about users.
X-Virus-ID: Contains one line of US-ASCII text with a name of the virus or risk encountered.
X-Infection-Found: Returns a numeric code for the type of infection, the resolution, and the risk description.
X-Authenticated-User: If enabled, the TMWS on-premises gateway requests the username sent in the X-Authenticated-User ICAP header. The username obtained from the ICAP header allows TMWS to identify the user issuing the request if you configure the on-premises gateway to use the username method of user authentication. By default, this ICAP header is enabled.
The on-premises gateway follows the ICAP v1.0 protocol and supports the following three authentication schemes specified in the protocol: WinNT, LDAP, and Local.
By default, the X-Virus-ID and X-Infection-Found ICAP headers are disabled for performace reasons, because many ICAP clients do not use these headers.
I have no certificate
Click Download to get the default TMWS root CA certificate, and then add it to your ICAP clients.
I have a certificate
After the certificate is successfully verified, the TMWS on-premises gateway will use this certificate to establish secure ICAP communication with the ICAP clients.
A window appears, indicating that the system needs reboot to apply the configuration. To reboot the system, click OK. To go back to the ICAP screen, click Cancel.
After the system is successfully rebooted, the ICAP settings take effect.
The TMWS on-premises gateway integrates with the Case Diagnostic Tool (CDT) feature to help Trend Micro maintain and troubleshoot your organization's on-premises gateway. CDT collects product and system information, log files, and configuration files, which can be downloaded as an archive file to facilitate system troubleshooting.
Under Enable corresponding to each category, turn on the button to select one or several categories of information to include in the diagnostic file generated by CDT.
Product information is enabled by default and cannot be disabled.
Mouseover the calendar icon next to Access logs and click it to select a time range for access log collection. By default, no time range is selected.
There is no maximum time range for access logs. But to avoid a huge log file size, select a time range not longer than 6 hours and covering the time when a problem occurred.
If the Access logs category is enabled and no time range is selected, CDT collects access logs only within the last one hour.
To display the updated size of each category in real time under Size, refresh the page.
The icon turns to Generating. After the generation process is completed, the icon turns back to Generate and the file displays in the diagnostic file list.
Files that are collected by CDT, related to a core dump, or of other types are displayed.
Click to download a file as necessary.
Click to delete a file no longer needed.
View the type of a file. File types include CDT collected files, Core dump, and Others.
Sort the files by File Name, Generation Time, Size, or Type.