OfficeScan 10.6 Administrator's Guide - Trend Micro™ Online Help

More documents

Recommendations

Info

TABLE 15-2. Policy Server for Cisco NAC Terms (Continued) TERM DEFINITION Authentication , Authorization, and Accounting (AAA) Certificate Authority (CA) Digital Certificates Remote Authentication Dial-In User Service (RADIUS) Terminal Access Controller Access Control System (TACACS+) Using Policy Server for Cisco NAC Describes the three main services used to control end-user client access to computer resources. Authentication refers to identifying a client, usually by having the user enter a user name and password. Authorization refers to the privileges the user has to issue certain commands. Accounting refers to a measurement, usually kept in logs, of the resources utilized during a session. The Cisco Secure Access Control Server (ACS) is the Cisco implementation of an AAA server. An authority on a network that distributes digital certificates for the purposes of performing authentication and securing connections between computers and/or servers. An attachment used for security. Most commonly, certificates authenticate clients with servers, such as a web server, and contain the following: user identity information, a public key (used for encryption), and a digital signature of a Certificate authority (CA) to verify that the certificate is valid. An authentication system requiring clients to enter a user name and password. Cisco Secure ACS servers support RADIUS. A security protocol enabled through AAA commands used for authenticating end-user clients. Cisco ACS servers support TACACS+. 15-5
Trend Micro OfficeScan 10.6 Administrator’s Guide Cisco NAC Architecture 15-6 The following diagram illustrates a basic Cisco NAC architecture. Cisco Secure Access Control Server Cisco NAC-supported Network Access Device OfficeScan client with CTA installation Trend Micro Policy Server for Cisco NAC FIGURE 15-1. Basic Cisco NAC architecture OfficeScan server The OfficeScan client in this figure has a CTA installation and is only able to access the network through a Network Access Device that supports Cisco NAC. The Network Access Device is between the client and the other Cisco NAC components. Note: The architecture of your network may differ based on the presence of proxy servers, routers, or firewalls.
Page 2 and 3:
Trend Micro Incorporated reserves t
Page 4 and 5:
Contents Section 1: Introduction an
Page 6 and 7:
Contents Client IP Addresses ......
Page 8 and 9:
Contents Component Update Summary .
Page 10 and 11:
Contents File Attributes ..........
Page 12 and 13:
Contents Web Console Settings .....
Page 14 and 15:
Contents Rule Composition .........
Page 16 and 17:
Contents Client Connection Logs ...
Page 18 and 19:
List of Tables List of Tables Table
Page 20 and 21:
List of Tables Table 6-2. Considera
Page 22 and 23:
List of Tables Table 9-7. Predefine
Page 24 and 25:
List of Tables Table 15-3. Default
Page 26 and 27:
Section 1 Introduction and Getting
Page 28 and 29:
Preface Preface Welcome to the Tren
Page 30 and 31:
Audience Preface OfficeScan documen
Page 32 and 33:
Terminology Preface The following t
Page 34 and 35:
TABLE P-3. OfficeScan Terminology (
Page 36 and 37:
Introducing OfficeScan Chapter 1 Th
Page 38 and 39:
Introducing OfficeScan Plug-in Mana
Page 40 and 41:
Introducing OfficeScan Damage Clean
Page 42 and 43:
Introducing OfficeScan • Repairs
Page 44 and 45:
The OfficeScan Server Introducing O
Page 46 and 47:
Standalone Smart Protection Server
Page 48 and 49:
Getting Started with OfficeScan Cha
Page 50 and 51:
Getting Started with OfficeScan On
Page 52 and 53:
The Summary Dashboard Getting Start
Page 54 and 55:
Working with Tabs and Widgets Manag
Page 56 and 57:
TABLE 2-2. Tab and Widget Tasks (Co
Page 58 and 59:
Available Widgets The following wid
Page 60 and 61:
Getting Started with OfficeScan To
Page 62 and 63:
Getting Started with OfficeScan Cli
Page 64 and 65:
Getting Started with OfficeScan •
Page 66 and 67:
Getting Started with OfficeScan Off
Page 68 and 69:
Getting Started with OfficeScan Dig
Page 70 and 71:
To view data, select a time period
Page 72 and 73:
Getting Started with OfficeScan Fil
Page 74 and 75:
To integrate Active Directory with
Page 76 and 77:
The OfficeScan Client Tree Getting
Page 78 and 79:
Getting Started with OfficeScan •
Page 80 and 81:
Table 2-6 lists the tasks you can p
Page 82 and 83:
TABLE 2-6. Client Management Tasks
Page 84 and 85:
Getting Started with OfficeScan Upd
Page 86 and 87:
Perform the following tasks: 1. Vie
Page 88 and 89:
Manual Client Grouping Getting Star
Page 90 and 91:
Getting Started with OfficeScan 5.
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
4. To delete a client, click Remove
Page 98 and 99:
Section 2 Protecting Networked Comp
Page 100 and 101:
Chapter 3 Using Trend Micro Smart P
Page 102 and 103:
Using Trend Micro Smart Protection
Page 104 and 105:
Smart Feedback Using Trend Micro Sm
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Setting Up Smart Protection Service
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
To configure custom lists of smart
Page 124 and 125:
Page 126 and 127:
Using Smart Protection Services Usi
Page 128 and 129:
Installing the OfficeScan Client Ch
Page 130 and 131:
Client Features Installing the Offi
Page 132 and 133:
TABLE 4-1. Client Features (Continu
Page 134 and 135:
Installing the OfficeScan Client In
Page 136 and 137:
Installing the OfficeScan Client To
Page 138 and 139:
TABLE 4-3. Installation Methods (Co
Page 140 and 141:
Installing the OfficeScan Client To
Page 142 and 143:
Installing with Login Script Setup
Page 144 and 145:
Installing the OfficeScan Client 4.
Page 146 and 147:
Page 148 and 149:
Installing the OfficeScan Client
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
To distribute the package to target
Page 156 and 157:
Installing the OfficeScan Client d.
Page 158 and 159:
Page 160 and 161:
Using Vulnerability Scanner Install
Page 162 and 163:
Domain Structure TABLE 4-8. Domain
Page 164 and 165:
Page 166 and 167:
3. Type the IP address range of the
Page 168 and 169:
To run a DHCP scan: Installing the
Page 170 and 171:
Installing the OfficeScan Client c.
Page 172 and 173:
Page 174 and 175:
ServerProtect for Linux Installing
Page 176 and 177:
Installing the OfficeScan Client Pe
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Installing the OfficeScan Client Cl
Page 184 and 185:
Page 186 and 187:
Post-installation After completing
Page 188 and 189:
To perform a test scan: Installing
Page 190 and 191:
Running the Client Uninstallation P
Page 192 and 193:
Page 194 and 195:
Installing the OfficeScan Client Ke
Page 196 and 197:
Keeping Protection Up-to-Date Chapt
Page 198 and 199:
Antivirus Components Keeping Protec
Page 200 and 201:
Keeping Protection Up-to-Date Virus
Page 202 and 203:
Behavior Monitoring Components Beha
Page 204 and 205:
Keeping Protection Up-to-Date This
Page 206 and 207:
TABLE 5-2. Server-Client Update Opt
Page 208 and 209:
OfficeScan Server Updates Keeping P
Page 210 and 211:
OfficeScan Server Update Sources Ke
Page 212 and 213:
OfficeScan Server Component Duplica
Page 214 and 215:
Keeping Protection Up-to-Date 3. Th
Page 216 and 217:
Keeping Protection Up-to-Date 4. De
Page 218 and 219:
OfficeScan Server Update Logs Keepi
Page 220 and 221:
OfficeScan Client Update Sources Ke
Page 222 and 223:
Client Update Process Keeping Prote
Page 224 and 225:
Keeping Protection Up-to-Date 5. Pe
Page 226 and 227:
Keeping Protection Up-to-Date TABLE
Page 228 and 229:
Keeping Protection Up-to-Date Event
Page 230 and 231:
Keeping Protection Up-to-Date 2. Se
Page 232 and 233:
Scheduled Client Updates with NAT K
Page 234 and 235:
Keeping Protection Up-to-Date 2. To
Page 236 and 237:
Keeping Protection Up-to-Date Perfo
Page 238 and 239:
Proxy for OfficeScan Client Compone
Page 240 and 241:
OfficeScan Client Update Logs Keepi
Page 242 and 243:
Touch Tool for OfficeScan Client Ho
Page 244 and 245:
To assign a client as an Update Age
Page 246 and 247:
Standard Update Source for Update A
Page 248 and 249:
Keeping Protection Up-to-Date The u
Page 250 and 251:
Update Methods for Update Agents Ke
Page 252 and 253:
Keeping Protection Up-to-Date Compo
Page 254 and 255:
Scanning for Security Risks Chapter
Page 256 and 257:
Scanning for Security Risks Virus A
Page 258 and 259:
Scanning for Security Risks Dialer
Page 260 and 261:
Guarding Against Spyware/Grayware S
Page 262 and 263:
Scanning behavior The conventional
Page 264 and 265:
Client tree settings Scanning for S
Page 266 and 267:
Client tree settings Scanning for S
Page 268 and 269:
TABLE 6-4. Scan Types (Continued) S
Page 270 and 271:
5. Click the Action tab and then co
Page 272 and 273:
Page 274 and 275:
Page 276 and 277:
4. Configure the following: TABLE 6
Page 278 and 279:
Scanning for Security Risks 6. Clic
Page 280 and 281:
Scanning for Security Risks Scan Se
Page 282 and 283:
Scanning for Security Risks If you
Page 284 and 285:
Scanning for Security Risks Scan Ex
Page 286 and 287:
Scanning for Security Risks • Add
Page 288 and 289:
TABLE 6-15. Virus/Malware Scan Acti
Page 290 and 291:
TABLE 6-16. Trend Micro Recommended
Page 292 and 293:
Scanning for Security Risks Refer t
Page 294 and 295:
Scanning for Security Risks Damage
Page 296 and 297:
To decrypt and restore files: Scann
Page 298 and 299:
Scanning for Security Risks For exa
Page 300 and 301:
Scanning for Security Risks 5. Appl
Page 302 and 303:
Scan Privileges and Other Settings
Page 304 and 305:
Scanning for Security Risks 3. Conf
Page 306 and 307:
Scanning for Security Risks 7. If y
Page 308 and 309:
Mail Scan Privileges and Other Sett
Page 310 and 311:
TABLE 6-21. Mail Scan Programs (Con
Page 312 and 313:
Scanning for Security Risks Clients
Page 314 and 315:
Scanning for Security Risks 5. Conf
Page 316 and 317:
To configure global scan settings:
Page 318 and 319:
Scanning for Security Risks Add Man
Page 320 and 321:
Scanning for Security Risks For exa
Page 322 and 323:
Scanning for Security Risks Enable
Page 324 and 325:
Scanning for Security Risks Resume
Page 326 and 327:
Scanning for Security Risks 2. In t
Page 328 and 329:
Scanning for Security Risks TABLE 6
Page 330 and 331:
To configure virus/malware notifica
Page 332 and 333:
Security Risk Logs Scanning for Sec
Page 334 and 335:
Access denied Scanning for Security
Page 336 and 337:
Unable to delete the file Scanning
Page 338 and 339:
Scanning for Security Risks If the
Page 340 and 341:
Spyware/Grayware Scan Results The f
Page 342 and 343:
Scan Logs Scanning for Security Ris
Page 344 and 345:
To configure the security risk outb
Page 346 and 347:
Scanning for Security Risks 4. In t
Page 348 and 349:
Scanning for Security Risks 7. Clic
Page 350 and 351:
Scanning for Security Risks 5. Sele
Page 352 and 353:
Disabling Outbreak Prevention Scann
Page 354 and 355:
Using Behavior Monitoring Chapter 7
Page 356 and 357:
Monitored system events include: TA
Page 358 and 359:
Using Behavior Monitoring When Even
Page 360 and 361:
Using Behavior Monitoring 5. Config
Page 362 and 363:
To enable Certified Safe Software S
Page 364 and 365:
To modify the content of the notifi
Page 366 and 367:
Using Device Control Chapter 8 This
Page 368 and 369:
TABLE 8-1. Device Types (Continued)
Page 370 and 371:
TABLE 8-2. Device Control Permissio
Page 372 and 373:
TABLE 8-3. Program Lists (Continued
Page 374 and 375:
Wildcards are used correctly in the
Page 376 and 377:
Using Device Control 7. Configure s
Page 378 and 379:
Using Device Control 8. For each no
Page 380 and 381:
Using Device Control To add program
Page 382 and 383:
Device Control Logs Using Device Co
Page 384 and 385:
Chapter 9 Managing Data Protection
Page 386 and 387:
To install Data Protection: Managin
Page 388 and 389:
Managing Data Protection and Using
Page 390 and 391:
To deploy the Data Protection modul
Page 392 and 393:
About Digital Asset Control Managin
Page 394 and 395:
Page 396 and 397:
TABLE 9-2. Predefined Expressions (
Page 398 and 399:
Page 400 and 401:
Page 402 and 403:
Page 404 and 405:
TABLE 9-3. Criteria for Expressions
Page 406 and 407:
Page 408 and 409:
Page 410 and 411:
TABLE 9-4. Supported File Types (Co
Page 412 and 413:
To add a file attribute list using
Page 414 and 415:
Keywords Managing Data Protection a
Page 416 and 417:
TABLE 9-5. Predefined Keyword Lists
Page 418 and 419:
TABLE 9-6. Criteria for a Keyword L
Page 420 and 421:
9. To export keywords: Managing Dat
Page 422 and 423:
To export keyword lists: Managing D
Page 424 and 425:
TABLE 9-7. Predefined Templates (Co
Page 426 and 427:
See the examples in the following t
Page 428 and 429:
To add a template using the "copy"
Page 430 and 431:
Digital Asset Control Channels Mana
Page 432 and 433:
Page 434 and 435:
Page 436 and 437:
Page 438 and 439:
Page 440 and 441:
Page 442 and 443:
TABLE 9-9. Digital Asset Control Ac
Page 444 and 445:
Page 446 and 447:
Page 448 and 449:
Page 450 and 451:
Action Settings Managing Data Prote
Page 452 and 453:
Page 454 and 455:
Page 456 and 457:
Page 458 and 459:
TABLE 9-12. Processes by Channel (C
Page 460 and 461:
Page 462 and 463:
Protecting Computers from Web-based
Page 464 and 465:
Web Reputation Policies Protecting
Page 466 and 467:
Page 468 and 469:
10. Configure the approved and bloc
Page 470 and 471:
Page 472 and 473:
Using the OfficeScan Firewall Chapt
Page 474 and 475:
Using the OfficeScan Firewall Certi
Page 476 and 477:
Using the OfficeScan Firewall • F
Page 478 and 479:
Firewall Policies and Profiles Usin
Page 480 and 481:
TABLE 11-1. Default Firewall Polici
Page 482 and 483:
Using the OfficeScan Firewall • I
Page 484 and 485:
Using the OfficeScan Firewall Clien
Page 486 and 487:
Using the OfficeScan Firewall Choos
Page 488 and 489:
Using the OfficeScan Firewall Profi
Page 490 and 491:
Using the OfficeScan Firewall Refer
Page 492 and 493:
To edit a profile: PATH: NETWORKED
Page 494 and 495:
Using the OfficeScan Firewall Displ
Page 496 and 497:
Using the OfficeScan Firewall Send
Page 498 and 499:
Firewall Logs Using the OfficeScan
Page 500 and 501:
Using the OfficeScan Firewall To co
Page 502 and 503:
Using the OfficeScan Firewall 5. Te
Page 504 and 505:
Section 3 Managing the OfficeScan S
Page 506 and 507:
Chapter 12 Managing the OfficeScan
Page 508 and 509:
User Roles Managing the OfficeScan
Page 510 and 511:
TABLE 12-2. Menu Items for Servers/
Page 512 and 513:
TABLE 12-2. Menu Items for Servers/
Page 514 and 515:
Client Management Menu Items The fo
Page 516 and 517:
Managing the OfficeScan Server Buil
Page 518 and 519:
Target OfficeScan server and all cl
Page 520 and 521:
Managing the OfficeScan Server 7. C
Page 522 and 523:
To import or export custom roles: P
Page 524 and 525:
To modify a custom account: PATH: A
Page 526 and 527:
To change a custom or Active Direct
Page 528 and 529:
Managing the OfficeScan Server Supp
Page 530 and 531:
Managing the OfficeScan Server 7. I
Page 532 and 533:
Managing the OfficeScan Server 4. T
Page 534 and 535:
Managing the OfficeScan Server 2. C
Page 536 and 537:
Managing the OfficeScan Server Offi
Page 538 and 539:
Managing the OfficeScan Server 3. S
Page 540 and 541:
Managing the OfficeScan Server 2. V
Page 542 and 543:
Managing the OfficeScan Server 3. T
Page 544 and 545:
Web Console Password Managing the O
Page 546 and 547:
Server Tuner Managing the OfficeSca
Page 548 and 549:
Managing the OfficeScan Server 5. U
Page 550 and 551:
Managing OfficeScan Clients Chapter
Page 552 and 553:
Managing OfficeScan Clients Locatio
Page 554 and 555:
To use Gateway Settings Importer: M
Page 556 and 557:
TABLE 13-2. OfficeScan Client Servi
Page 558 and 559:
Managing OfficeScan Clients 2. For
Page 560 and 561:
10. If the performance drops again,
Page 562 and 563:
Managing OfficeScan Clients Protect
Page 564 and 565:
Managing OfficeScan Clients • TMB
Page 566 and 567:
Managing OfficeScan Clients 5. If y
Page 568 and 569:
Managing OfficeScan Clients 5. If y
Page 570 and 571:
TABLE 13-3. Client Mover Parameters
Page 572 and 573:
Client Icons Managing OfficeScan Cl
Page 574 and 575:
TABLE 13-4. Client Status as Indica
Page 576 and 577:
Smart Scan Icons Any of the followi
Page 578 and 579:
Conventional Scan Icons Any of the
Page 580 and 581:
TABLE 13-6. Conventional Scan Icons
Page 582 and 583:
Page 584 and 585:
Page 586 and 587:
Page 588 and 589:
Managing OfficeScan Clients A Clien
Page 590 and 591:
Client-Server Connection Verificati
Page 592 and 593:
Unreachable Clients Managing Office
Page 594 and 595:
Managing OfficeScan Clients When ch
Page 596 and 597:
Managing OfficeScan Clients 3. Conf
Page 598 and 599:
External Proxy for Clients Managing
Page 600 and 601:
Automatic Proxy Settings for Client
Page 602 and 603:
To import client settings: PATH: NE
Page 604 and 605:
Managing OfficeScan Clients Service
Page 606 and 607:
Managing OfficeScan Clients A non-c
Page 608 and 609:
Managing OfficeScan Clients Run Sca
Page 610 and 611: On-demand Compliance Reports Managi
Page 612 and 613: Managing OfficeScan Clients 5. View
Page 614 and 615: Managing OfficeScan Clients 4. Spec
Page 616 and 617: Managing OfficeScan Clients Active
Page 618 and 619: Managing OfficeScan Clients 4. Unde
Page 620 and 621: Managing OfficeScan Clients Schedul
Page 622 and 623: Managing OfficeScan Clients 3. Moni
Page 624 and 625: Managing OfficeScan Clients 4. View
Page 626 and 627: To delete a connection setting: Man
Page 628 and 629: To remove GUIDs from templates: Man
Page 630 and 631: TABLE 13-12. Client Privileges (Con
Page 632 and 633: To configure global client settings
Page 634 and 635: Section 4 Providing Additional Prot
Page 636 and 637: Using Plug-in Manager Chapter 14 .T
Page 638 and 639: Using Plug-in Manager Plug-in Progr
Page 640 and 641: Using Plug-in Manager Post-installa
Page 642 and 643: Using Plug-in Manager 2. On the Plu
Page 648 and 649: Using Plug-in Manager Client-side A
Page 650 and 651: Using Plug-in Manager c. Enter the
Page 652 and 653: TABLE 14-1. Plug-in Manager Error C
Page 654 and 655: TABLE 14-1. Plug-in Manager Error C
Page 656 and 657: Chapter 15 Using Policy Server for
Page 658 and 659: TABLE 15-1. Policy Server for Cisco
Page 662 and 663: The Client Validation Sequence Usin
Page 664 and 665: The Policy Server Using Policy Serv
Page 666 and 667: Rule Composition Using Policy Serve
Page 668 and 669: TABLE 15-3. Default Rules (Continue
Page 670 and 671: Policy Composition Using Policy Ser
Page 672 and 673: Synchronization Using Policy Server
Page 674 and 675: The CA Certificate Using Policy Ser
Page 676 and 677: Cisco Trust Agent (CTA) Requirement
Page 678 and 679: TABLE 15-6. Supported Platforms and
Page 680 and 681: Cisco Secure ACS Server Enrolment U
Page 682 and 683: Using Policy Server for Cisco NAC 3
Page 684 and 685: Importing the Client Certificate Us
Page 690 and 691: k. Select the certificate from the
Page 692 and 693: Policy Server for Cisco NAC Configu
Page 694 and 695: Summary Information for a Policy Se
Page 696 and 697: Policies Using Policy Server for Ci
Page 698 and 699: Configuring OfficeScan with Third-p
Page 700 and 701: OfficeScan Integration Configuring
Page 702 and 703: Configuring OfficeScan with Third-p
Page 704 and 705: To grant users the privilege to vie
Page 706 and 707: Getting Help Chapter 17 This chapte
Page 708 and 709: Trend Micro Performance Tuning Tool
Page 710 and 711:
To enable debug logging for server
Page 712 and 713:
Role-based Administration Logs Gett
Page 714 and 715:
Client Packager Logs To enable logg
Page 716 and 717:
ServerProtect Normal Server Migrati
Page 718 and 719:
Virus Scan Engine Logs To enable de
Page 720 and 721:
Virtual Desktop Support Logs • Fi
Page 722 and 723:
Fresh Installation Logs File name:
Page 724 and 725:
Outbreak Prevention Logs File name:
Page 726 and 727:
Web Reputation and POP3 Mail Scan L
Page 728 and 729:
Transport Driver Interface (TDI) Lo
Page 730 and 731:
Getting Help Speeding Up Your Suppo
Page 732 and 733:
Sending Suspicious Files to Trend M
Page 734 and 735:
Section 5 Appendices, Glossary, and
Page 736 and 737:
IPv6 Support in OfficeScan Appendix
Page 738 and 739:
IPv6 Support in OfficeScan OfficeSc
Page 740 and 741:
TABLE A-2. Pure IPv6 Client Limitat
Page 742 and 743:
IPv6 Support in OfficeScan 5. Some
Page 744 and 745:
Appendix B Windows Server Core 2008
Page 746 and 747:
To install the client using Login S
Page 748 and 749:
Windows Server Core 2008 Support Th
Page 750 and 751:
TABLE B-1. Windows Server Core Comm
Page 752 and 753:
Glossary ActiveUpdate Appendix C Ac
Page 754 and 755:
ESMTP Glossary Enhanced Simple Mail
Page 756 and 757:
Glossary The Internet Protocol is n
Page 758 and 759:
NAT Glossary Network Address Transl
Page 760 and 761:
Security Patch A security patch foc
Page 762 and 763:
Telnet Telnet is a standard method
Page 764 and 765:
Glossary To determine the trusted p
Page 766 and 767:
3. Open the command prompt, and typ
Page 768 and 769:
Glossary del *.* /S The last comman
Page 770 and 771:
Index A Access Control Server (ACS)
Page 772 and 773:
CPU usage 6-28 custom client groups
Page 774 and 775:
firewall logs 11-24, 11-27 scan log
Page 776 and 777:
privileges firewall privileges 11-2
Page 778 and 779:
spyware/grayware scan actions 6-45
show all

OfficeScan 10.6 Administrator's Guide - Trend Micro™ Online Help

Create successful ePaper yourself

Delete template?

Save as template?