Global Settings

The Global Settings apply to all users and cannot be customized for specific users or groups.

  1. Go to Policies > Global Settings.
  2. To enable Dynamic URL categorization, click On.

    TMWS uses Trend Micro URL Filtering Engine to filter URLs. If an accessed URL is not present in the engine's database, TMWS uses Dynamic URL Categorization technology to perform real time categorization of the website based on the website content and HTTP URL.

  3. To customize URL warning TTL, type a number and then select the frequency from the drop-down list.
    Note:

    URL Warning TTL specifies the periodic time interval for displaying a warning message.

  4. To customize Block with password override TTL, type a number and then select the frequency from the drop-down list.
    Note:

    Block with password override TTL specifies the periodic time interval for displaying a warning message.

  5. Configure the HTTPS Inspection section.

    TMWS can decrypt and inspect encrypted content over HTTPS connections to prevent security risks embedded in HTTPS traffic. You can define policies to decrypt HTTPS traffic from selected URL categories to apply configured scanning and filtering rules in the same way as HTTP traffic. For more information, see HTTPS Inspection.

    Important:

    To ensure that TMWS works properly to enforce all configured policy settings to also HTTPS traffic, turn on HTTPS Inspection and enable at least one decryption rule.

    Warning:

    For Android Devices, TMWS does not decrypt or scan any HTTPS traffic.

    1. To enable HTTPS Inspection, click On.

      The Advanced Settings area appears.

    2. To enable certificate management, click On. By default, this option is enabled.

      Note:

      If you disable certificate management, client devices can access any HTTPS website without checking the server certificate.

      If a certificate does not pass a certificate validation test, client devices can still choose to access a website through HTTPS connection. A warning screen displays on the client's browser. For more information, see Digital Certificates.

    3. To enable HTTPS tunneling, click On. By default, this option is enabled.

      Note:

      TMWS allows administrators to maintain a list of trusted domains, whose HTTPS traffic will always be accessible by end users without being decrypted and inspected. For more information, see HTTPS Tunnels.

    4. Click the links to download and deploy the default TMWS root CA certificate (current_ca_cert.cer for on-premises gateway use and current_cloud_ca_cert.cer for cloud proxy use) for the client browsers of end users. For details about how to deploy the root CA certificate on a client device, see TMWS Certificate Deployment.

      Important:

      Due to the TMWS certificate migration, Trend Micro recommends deploying both certificates to avoid a certificate warning that displays on the client browsers when users access an HTTPS website in certain scenarios.

  6. Configure the Safe Search Engine Settings section.

    Select Off or Strict for each search engine or online service.

    Note:

    TMWS integrates with popular search engines and online services, including Google, Yahoo, Bing, and YouTube, to leverage their Search Safety feature.

  7. (For Japan only) View the Static Outbound IP Setting section.

    For more information, see Static IP Addresses for the Outbound Traffic.

  8. Click Save.