Documente Academic
Documente Profesional
Documente Cultură
Options:
Enable the Integrated Scan Server on multiple OfficeScan servers
Install VMWare-based standalone scan servers
Both essentially work the same way, but are ported for different software platforms.
3. Enable Smart Scan - The Integrated Scan Server is enabled using the following checkbox on the Scan
Server screen on the OfficeScan management console.
Before including an Integrated Scan Server in the scan server list, make sure that it is enabled. When
using File Reputation functionality with an integrated scan server, make sure that the scan server is
enabled before switching scan types. This is an important step because the mechanism for switching
from standard scanning to File Reputation does not include automatic verification of scan server
functionality. It is, therefore, possible to assign a File Reputation-enabled OfficeScan client to a non-
functional scan server.
4. Create separate domains for Smart and Conventional clients
Upon installation, the default scan mode for the OfficeScan network is called ―Conventional scan.
This uses the traditional schema of using all-local patterns. Administrators can switch OfficeScan
clients to Smart Scan. As with other OfficeScan client settings, if the administrator sets this setting at
the root of the OfficeScan client tree, this becomes the default scan method, and will affect all
future clients, in addition to existing clients that are not already assigned client-specific scan-method
settings.
Deploy clients in Conventional scan, and then switch them over to Smart scan afterwards.
Create OfficeScan domains that have Smart scan enabled by default, and then migrate
5. Schedule Smart Scan Server to update on an hourly basis.
You may add the URLs of the Web sites you want to approve or block.By default, Trend Micro and
Microsoft Web sites are included in the Approved list.
8. Select whether to Allow clients to send logs to the OfficeScan server. You can use this option to
analyze URLs blocked by WRS.
9. Click Save
By default, Device Control feature is enabled but ALL devices have FULL ACCESS. Block AutoRun
functions on USB devices are also enabled. Configure the settings according to your preference.
1. On the OSCE Server, login to the Management Console
2. Go to Networked Computers > Client Management
3. Select the group/container you wish to apply the settings to
4. Click on “Settings” and select “Device Control”
5. Exceptions
5.1 Devices Access list
5.2 External Program list
Use this exception list to ensure access to programs shared by groups of people or to edit documents
from storage drives.
Enhanced GeneriClean Technology
There are instances wherein registry remnants are left after a Trend Micro product has cleaned or
quarantined a file. There is also a possibility that the malware payload can modify local security policies
of the machine that restrict certain functionalities (i.e. Task Manager). GeneriClean has the capability
to restore system policy and this has been implemented via the use of TSC.INI file.
For more information on how to clean malware remnants and restore security policies, visit
http://esupport.trendmicro.com/Pages/How-to-clean-malware-remnants-and-restore-policies-using-
GeneriClean.aspx
Intrusion Defense Firewall is an advanced, host-based intrusion defense system that brings proven
network security approaches, including firewall and intrusion detection and prevention, down to
individual networked computers and devices. In addition, it can also prevent a malware attack that
exploits the vulnerability.
Note:
If you have more than one (1) OfficeScan servers installed within your environment, you need to specify each
communication port being used by officescan clients to connect to their respective OfficeScan server.
This feature can only validate machines with OfficeScan client software installed. If a machine is running other
anti-virus program, assessment will return a BLANK result for the machine names you have queried.
Disable Autorun
1. Click on Start then Run
2. Type in GPEDIT.MSC then hit Enter.
3. Go to Local Computer Policy | Administrative Template | System
4. On the right pane, double-click Turn off Autoplay
5. When you are in the properties dialog box, click enabled
6. Choose All drives from the drop-down list underneath.
7. Click on OK.
Run Microsoft Baseline Security Analyzer 2.1 once a Month to check for
Unpatched PC
1. Download the tool on the link below
http://www.microsoft.com/downloads/details.aspx?FamilyID=F32921AF-9DBE-4DCE-
889EECF997EB18E9&displaylang=en#Instructions