DEPARTMENT OF INFORMATION TECHNOLOGY

• Standard Operating Procedure for Updation of Endpoint Protection

 DEPARTMENT OF INFORMATION TECHNOLOGY

Document Release Details

Document Name: Standard Operating Document Classification: Internal

Procedure for Updation of Endpoint Protection
Version: 1.0
Approval Date: July 21, 2020
Effective Date: Issued by: DIT, CO

A. Introduction

The current Anti-Virus solution provider namely Symantec has been taken over by Broadcom.
Based on their business strategy/ies in public domain, it was decided to go for new Anti -Virus
(AV) solution with latest capability for endpoint detection and response (EDR). Accordingly, after
due process TrendMicro Apex One has been selected with IBM being the implementation agency
for the AV solution. This new solution will ensure continuous automated threat detection
and protection against the variety of threats and vulnerabilities.

As part of the implementation, the existing Symantec client will have to be uninstalled and the
new TrendMicro client will have to be installed in all our desktops/office laptops. To ensure user
convenience, both the uninstallation and installation software are combined in a single executable
file and will be pushed to all machines through SCCM.

B. Objective

This guide aims to provide easy step-by-step instructions on how to migrate from existing
Symantec solution to Trend Micro solution on the Office desktop PC.
 DEPARTMENT OF INFORMATION TECHNOLOGY

C. Steps to install Trend Micro solution

1. Power on the Desktop PC.

2. Open Software Centre

3. Check whether the application is available on “Installation Status tab”, (application will
start downloading and installing). This happens because, SCCM Team has already
pushed this agent remotely to all desktops.

4. As a first step, Once Symantec is uninstalled, there will be prompt for restart: (Kindly
restart the system to start with installation of trend Micro Apex AV)
 DEPARTMENT OF INFORMATION TECHNOLOGY

5. Post restart of the machine, Open Software centre and navigate to “Installed Software”
tab. The application will be successfully installed
 DEPARTMENT OF INFORMATION TECHNOLOGY

D. Steps to Verify Successful Installation

1. In windows control panel, check whether TrendMicro apex one agent is available.

2. In Start menu Check whether “Security Agent” is available.

3. In Taskbar, check whether Trendmicro security agent icon is available.

 DEPARTMENT OF INFORMATION TECHNOLOGY

4. After this, within next 5 to 10 min, agent will pull the policy and updates. We can see below
status of agent.

Click on 16.105.00 or any new number which comes next to smart scan agent pattern, one
window will open as below. It will indicate server name, File reputation and web reputation
name. (For some Offices, Server name will be DRDCCAPEXENDP2)
DEPARTMENT OF INFORMATION TECHNOLOGY
 DEPARTMENT OF INFORMATION TECHNOLOGY

E. Troubleshooting

Following are some problematic scenarios and the necessary troubleshooting measures for the
same.

1. SCENARIO 1: Agent not showing up on SCCM console

If agent is not showing up on the SCCM console, then contact SCCM team (022 -27595683)

2. SCENARIO 2: SCCM installation fails

2.1. If the SCCM installation fails, follow this manual installation procedure. Obtain
‘apexone-full agent msi package’ from Utility folder available on your file file server.
(If this is not available contact us)

2.2. Double click on apexone-full-agent.msi and start installation and click next

2.3. Wait for progress

 DEPARTMENT OF INFORMATION TECHNOLOGY

2.4. Within 3-4 minutes, you will see below window. Click on Finish.

2.5. Once Agent is installed, restart machine will be prompted. Kindly click on Restart.

2.6. Post restart, as mentioned above, complete the 4-step verification process as
mentioned in “D. Steps to Verify Successful Installation”

3. SCENARIO 3: Agent installed by SCCM, available in Control panel, but not appearing
in Start Menu
3.1. If Agent installed by SCCM is available in Control panel, but not appearing in Start
Menu, it means agent has not been installed properly in that machine or package
is corrupted.
3.2. Go to below path and start the agent

3.3. If it works, then fine.

 DEPARTMENT OF INFORMATION TECHNOLOGY

3.4. If it gives below error, then Trendmicro agent needs to be uninstalled with
trendmicro clean wipe (i.e by cut tool)

3.5. To uninstall trendmicro agent will Cut tool, follow below process. (The cut tool will
be available in your Shared folder/ file server, if not contact us)
• Extract cut tool zip file and keep it in C:\temp\
• Open CMD with admin privileges
• Go to the temp folder by typing these commands:
o cd \
o Press Enter
o cd C:\temp
o cut.exe –noinstall
o Press Enter. Uninstallation will start (Refer to below screenshot)

• Within 3-4 minutes it will prompt to restart machine

3.6. After uninstalling completely, please try to install again using manual installation
process as explained in ‘Scenario 1’.

4. SCENARIO 4: Agent is installed, but getting errors in the Trendmicro console

4.1. If Agent is installed but not getting even after 10-15 min and below screen is shown
in the Trendmicro console, follow below steps
 DEPARTMENT OF INFORMATION TECHNOLOGY

4.2. Check the IP Address of the Antivirus & SPS Server from Endpoint Machine by
Nslookup in CMD.
• nslookup DRDCSMARTPROT.RBI1.rbi.org.in it should give 10.35.4.227
• nslookup DRDCAPEXENDP1.RBI1.rbi.org. in it should give 10.35.4.245
• nslookup DRDCAPEXENDP2.RBI1.rbi.org.in it should give 10.35.4.246

• Check ping Endpoint Server to Apex One and Smart Protection Connectivity
o telnet DRDCSMARTPROT.RBI1.rbi.org.in on 443 port
o telnet DRDCSMARTPROT.RBI1.rbi.org.in on 5274 port
o telnet DRDCSMARTPROT.RBI1.rbi.org.in on 5275 port
o telnet DRDCAPEXENDP1.RBI1.rbi.org.in on 4343 port
4.3. If all above telnet are successful, then agent will get connected, else contact us.

F. Contact details of Support Team (IBM Team)

S.No. Contact Name Email ID Contact no Webex Details

1 Azam Idrisi
Suhas https://sampark.webex.com/
2 eppsupport@rbi.org.in 022-27568536
Nishankar eppsupport
3 Prasad Palav