Views:

Profile

Trend Micro Email Security administrators and subaccounts may fill in their contact information on the administrator console. Trend Micro uses the contact information only to send important notifications and service advisories related to Trend Micro Email Security.

The administrator account can delete its subaccounts to remove their contact information from Trend Micro Email Security. The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	First names and last names Email addresses
Feature Configuration Location	Provisioning Wizard (When first log on to the Trend Micro Email Security administrator console with the Trend Micro Business Account) ^{Click the image to enlarge.} Account Name > Profile ^{Click the image to enlarge.}

Provisioning

When you first log on to the administrator console, Trend Micro Email Security launches a provisioning wizard for you to provision your Trend Micro Business Account.
The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	Account email addresses Phone numbers Title First names and last names Company information Contact information (address, city, state, zip, and country)
Feature Configuration Location	Such information is synchronized from the Customer License Portal (CLP) or Licensing Management Platform (LMP).

Domains

Upon registration of a domain in Trend Micro Email Security for protection, the administrator must specify the domain name and the incoming mail server IP address or FQDN responsible for the domain.

If a domain is deleted or the licensed account is deprovisioned, Trend Micro Email Security purges its information and does not provide protection for the domain any more.

Data transmitted to Trend Micro	Domain names IP addresses and/or FQDNs of incoming mail servers IP addresses and/or FQDNs of outgoing mail servers
Feature Configuration Location	Administrator Console > Domains ^{Click the image to enlarge.}

Predictive Machine Learning

Trend Micro Predictive Machine Learning uses advanced machine learning technology to correlate threat information and perform in-depth file analysis to detect emerging unknown security risks through digital fingerprinting, API mapping, and other file features.

Disabling Predictive Machine Learning prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect new, previously unidentified, or unknown threats.

Data transmitted to Trend Micro	Metadata of suspicious executable files and scripts in email attachments
Feature Configuration Location	Inbound Protection > Virus Scan> Virus Policy> Policy Name > Scanning Criteria
Console settings	Enable Predictive Machine Learning ^{Click the image to enlarge.}

Predictive Machine Learning Feedback

Predictive Machine Learning feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

Disabling Predictive Machine Learning feedback prevents the mentioned data from being sent to Trend Micro, but affects the enhancement of Trend Micro Email Security to rapidly identify and address new threats.

Data transmitted to Trend Micro	Suspicious executable files and scripts in email attachments
Feature Configuration Location	Inbound Protection > Virus Scan > Virus Policy > Policy Name > Scanning Criteria
Console settings	Allow Trend Micro to collect suspicious files to improve its detection capabilities ^{Click the image to enlarge.}

Virtual Analyzer

Virtual Analyzer is a cloud sandbox designed for analyzing suspicious applications, files, URLs and scripts. Sandbox images allow observation of applications, files, URLs and scripts in an environment that simulates endpoints on your network without any risk of compromising the network.

Disabling Virtual Analyzer prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect advanced malware in files and URLs.

Data transmitted to Trend Micro	Suspicious applications and executable files Suspicious scripts Suspicious documents with macro Suspicious URLs in the email body, subject or attachment
Feature Configuration Location (Virus Policy)	Inbound Protection > Virus Scan> Virus Policy > Policy Name > Scanning Criteria
Console settings (Virus Policy)	Submit files to Virtual Analyzer Include macro, JSE and VBE scanning ^{Click the image to enlarge.}
Feature Configuration Location (Spam Policy)	Inbound Protection > Spam Filtering> Spam Policy > Policy Name > Scanning Criteria
Console settings (Spam Policy)	Submit URLs to Virtual Analyzer ^{Click the image to enlarge.}

Spam Filtering

Trend Micro Email Security uses Trend Micro Antispam Engine to provide advanced spam protection and protect users from spam.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect spam.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Spam ^{Click the image to enlarge.}

Business Email Compromise (BEC)

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from BEC attacks.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect BEC attacks.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Business Email Compromise (BEC) ^{Click the image to enlarge.}

Phishing

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from advanced phishing.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect phishing and other suspicious content.

Data transmitted to Trend Micro

Mail Header "From"/"To"
Mail Message-ID
Mail Subject
Mail Reply-To
Mail Return-Path
Mail SHA1
URL and its properties
Envelope From/RCPT/HELO
Attachment SHA1
Date in the Header
Routing information in Received field

Feature Configuration Location

Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria

Console settings

Phishing and other suspicious content

Graymail

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from graymail.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect graymail.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Graymail ^{Click the image to enlarge.}

Social Engineering Attack

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from social engineering attacks.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect social engineering attacks.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Social engineering attack ^{Click the image to enlarge.}

High Profile Users

Trend Micro Email Security allows administrators to add high profile users that may be frequently forged or spoofed, either by manually adding single users or by synchronizing groups from directories.

If a high profile user is deleted, Trend Micro Email Security does not check incoming email messages from this user for BEC attacks any more.

Data transmitted to Trend Micro	First names Middle names Last names Group names Email addresses
Feature Configuration Location	Inbound Protection > Spam Filtering > Business Email Compromise (BEC)
Console settings	Source: Custom ^{Click the image to enlarge.} Source: Synchronize users from directory server ^{Click the image to enlarge.}

Web Reputation

Trend Micro Email Security leverages Trend Micro Web Reputation Services to scan URLs contained in email subject, body and attachments to detect malicious URLs based on their reputation scores.

Disabling Web Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect malicious URLs.

Data transmitted to Trend Micro	URLs in email body URLs in email subjects URLs in attachments
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Web Reputation ^{Click the image to enlarge.}

Time-of-Click Protection

Trend Micro Email Security leverages Trend Micro’s Time-of-Click Protection service to provide the ability to rewrite URLs in the email message body during scanning, and analyze the URLs at the time when the message recipient clicks on these URLs.

Disabling Time-of-Click Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect malicious URLs.

Data transmitted to Trend Micro	URLs in the email body
Console location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria > Web Reputation
Feature Configuration Location	Enable Time-of-Click Protection ^{Click the image to enlarge.}

IP Reputation

Trend Micro Email Security leverages Trend Micro Email Reputation Services to verify IP addresses of incoming email messages using one of the world's largest, most trusted reputation database, along with a dynamic reputation database to identify new spam and phishing sources, stopping even zombies and botnets as they first emerge.

Disabling IP Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect and block spam from known and emerging spam sources.

Data transmitted to Trend Micro	Source IP addresses of incoming email messages
Feature Configuration Location	Inbound Protection > Connection Filtering > IP Reputation > Settings ^{Click the image to enlarge.}

Suspicious Objects

After Trend Micro Email Security is registered to Trend Micro Control Manager, Control Manager automatically synchronizes the suspicious objects with Trend Micro Email Security at a scheduled time interval. In addition to its own scanning mechanism, Trend Micro Email Security implements these suspicious objects during URL and file scanning.
Customers can make configurations on the Control Manager to stop synchronizing suspicious objects.
The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	File SHA1 URLs
Feature Configuration Location	Administration > Suspicious Objects ^{Click the image to enlarge.}

Directory Synchronization

Trend Micro Email Security provides a synchronization tool that enables you to synchronize your current groups and email accounts from Open LDAP, Microsoft Active Directory, Microsoft AD Global Catalog, Microsoft Office 365/Microsoft Entra ID and IBM Domino servers to the Trend Micro Email Security server.

The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	Display names Email addresses Group email addresses Group and member relationships Email aliases LDAP information (host name, port, base DN/tenant domain, Use SSL)
Feature Configuration Location	Administration > Directory Management > Directory Synchronize ^{Click the image to enlarge.}

Directory Import

Directory Import allows administrators to import a list of valid recipients’ email addresses and display names from a CSV file.
The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	Display names Email addresses
Feature Configuration Location	Administration > Directory Management > Directory Import ^{Click the image to enlarge.}

Logs

Trend Micro Email Security stores logs of all processed email messages for the administrator to use and query. Policy event logs and URL click tracking logs are kept for 30 days, and mail tracking logs are kept for 90 days.
Audit logs are kept for 12 months, but the administrator can query audit logs of up to 30 days. The number of days kept is not configurable.
After scheduled log deletion, all log data will be purged and cannot be retrieved.

Data transmitted to Trend Micro	Sender email addresses Recipient email addresses Email subjects Sender IP addresses Recipient IP addresses Attachment names and hash Message IDs
Feature Configuration Location	Logs ^{Click the image to enlarge.}

Syslog

Trend Micro Email Security allows you to forward syslog messages to an external syslog server in a structured format, which allows third-party application integration.
The mentioned data will be purged after the syslog server profiles are deleted or the administrator account is deprovisioned.

Data transmitted to Trend Micro	Syslog server addresses, ports and protocols Certificates for TLS authentication
Feature Configuration Location	Logs > Syslog Settings > Syslog Server Profiles ^{Click the image to enlarge.}

Quarantine

Email messages quarantined for any reason are kept by Trend Micro Email Security for a maximum of 30 days. During this period, the administrator may be able release them or inspect them if further analysis is required. After that period, the data will be purged permanently.

Data transmitted to Trend Micro	Email messages quarantined
Feature Configuration Location	Quarantine > Query ^{Click the image to enlarge.}

Email Continuity

Trend Micro Email Security provides protection against email loss if your email server goes down. If your server becomes unavailable due to a crash or network connectivity problem, Trend Micro Email Security automatically transfers inbound traffic to a backup server until your server is back online.

Disabling this feature will prevent end users from using the continuity mailbox provided on the End User Console to manage their email messages when the email server goes down.
The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	Email data and metadata (including subjects and sender addresses)
Feature Configuration Location	Administration > Email Continuity ^{Click the image to enlarge.}

Single Sign-On

If single sign-on (SSO) is enabled and required settings are completed in Administrator Management, Trend Micro Email Security allows subaccounts to access the administrator console with their existing identity provider credentials.

If SSO is enabled and required settings are completed in End User Management, Trend Micro Email Security allows end users to access the administrator console with their existing identity provider credentials.

Data transmitted to Trend Micro	Logon URLs Logoff URLs Claim type Certificate file downloaded from the identity provider
Feature Configuration Location	Administration > Administrator Management > Logon Methods Single Sign-On ^{Click the image to enlarge.} Administration > End User Management > Logon Methods Single Sign-On ^{Click the image to enlarge.}

Address Groups

Trend Micro Email Security allows administrator to configure email addresses in an address group.
And the groups can be configured in policy’s Recipients and Senders.

The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	Email addresses
Feature Configuration Location	Administration > Policy Objects > Address Groups ^{Click the image to enlarge.}

Logon Access Control

Trend Micro Email Security allows administrators to configure the clients that are allowed to access the administrator console, End User Console, and resources within Trend Micro Email Security by specifying a list of approved IP addresses. Administrators can also optionally specify the email addresses to receive alerts on blocked or logged access.

The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	IP addressses Email addresses
Feature Configuration Location	Administration > Logon Access Control ^{Click the image to enlarge.} ^{Click the image to enlarge.}

Managed XDR

Trend Micro Email Security collects metadata and detection logs of email messages, user profiles and managed domains for the intelligent investigation API to discover anomalies for XDR/Managed XDR customers.

All collected metadata and detection logs will be removed after 180 days.

Data transmitted to Trend Micro	High profile user information, including: Display names Given names Surnames Email addresses (if configured) Managed domain information, including: Domain names FQDNs or IP addresses of the domains’ inbound SMTP servers IP addresses of the domains’ outbound SMTP servers Detection logs Email message metadata, including: SMTP email addresses Email received timestamps Email attachment file names Email attachment hash values True file types of email attachments Email attachment sizes Email headers Email body hash values Sender IP addresses URLs in email messages
Feature Configuration Location	Trend Vision One > Point Product Connection > Product Connector ^{Click the image to enlarge.}

Keywords: data collection notice TMEMS,TMEMS data collection notice,email security collected data

Trend Micro Email Security Data Collection Notice

Product / Version includes:

Trend Micro Email SecurityAll

Last updated: 2024/06/27

Solution ID: KA-0008575

Category: Configure

Summary

Trend Micro Email Security includes the following modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information and instructions are provided below for opt-out of the personal data collection by disabling specific modules. Modules that cannot be disabled are indicated below.

Profile
Provisioning
Domains
Predictive Machine Learning
Predictive Machine Learning Feedback
Virtual Analyzer
Spam Filtering
Business Email Compromise (BEC)
Phishing
Graymail
Social Engineering Attack
High Profile Users
Web Reputation
Time-of-Click Protection
IP Reputation
Suspicious Objects
Directory Synchronization
Directory Import
Logs
Syslog
Quarantine
Email Continuity
Single Sign-On
Address Groups
Logon Access Control
Managed XDR

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

To help better understand data privacy and protection for Trend Micro Email Security , we have documented how it works with a focus on ensuring you have clarity on how data is treated for this offering. Please see the Trend Micro Email Security White Paper.

Profile

Data transmitted to Trend Micro	First names and last names Email addresses
Feature Configuration Location	Provisioning Wizard (When first log on to the Trend Micro Email Security administrator console with the Trend Micro Business Account) ^{Click the image to enlarge.} Account Name > Profile ^{Click the image to enlarge.}

Provisioning

Data transmitted to Trend Micro	Account email addresses Phone numbers Title First names and last names Company information Contact information (address, city, state, zip, and country)
Feature Configuration Location	Such information is synchronized from the Customer License Portal (CLP) or Licensing Management Platform (LMP).

Domains

Upon registration of a domain in Trend Micro Email Security for protection, the administrator must specify the domain name and the incoming mail server IP address or FQDN responsible for the domain.

If a domain is deleted or the licensed account is deprovisioned, Trend Micro Email Security purges its information and does not provide protection for the domain any more.

Data transmitted to Trend Micro	Domain names IP addresses and/or FQDNs of incoming mail servers IP addresses and/or FQDNs of outgoing mail servers
Feature Configuration Location	Administrator Console > Domains ^{Click the image to enlarge.}

Predictive Machine Learning

Data transmitted to Trend Micro	Metadata of suspicious executable files and scripts in email attachments
Feature Configuration Location	Inbound Protection > Virus Scan> Virus Policy> Policy Name > Scanning Criteria
Console settings	Enable Predictive Machine Learning ^{Click the image to enlarge.}

Predictive Machine Learning Feedback

Data transmitted to Trend Micro	Suspicious executable files and scripts in email attachments
Feature Configuration Location	Inbound Protection > Virus Scan > Virus Policy > Policy Name > Scanning Criteria
Console settings	Allow Trend Micro to collect suspicious files to improve its detection capabilities ^{Click the image to enlarge.}

Virtual Analyzer

Disabling Virtual Analyzer prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect advanced malware in files and URLs.

Data transmitted to Trend Micro	Suspicious applications and executable files Suspicious scripts Suspicious documents with macro Suspicious URLs in the email body, subject or attachment
Feature Configuration Location (Virus Policy)	Inbound Protection > Virus Scan> Virus Policy > Policy Name > Scanning Criteria
Console settings (Virus Policy)	Submit files to Virtual Analyzer Include macro, JSE and VBE scanning ^{Click the image to enlarge.}
Feature Configuration Location (Spam Policy)	Inbound Protection > Spam Filtering> Spam Policy > Policy Name > Scanning Criteria
Console settings (Spam Policy)	Submit URLs to Virtual Analyzer ^{Click the image to enlarge.}

Spam Filtering

Trend Micro Email Security uses Trend Micro Antispam Engine to provide advanced spam protection and protect users from spam.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect spam.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Spam ^{Click the image to enlarge.}

Business Email Compromise (BEC)

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from BEC attacks.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect BEC attacks.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Business Email Compromise (BEC) ^{Click the image to enlarge.}

Phishing

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from advanced phishing.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect phishing and other suspicious content.

Data transmitted to Trend Micro

Mail Header "From"/"To"
Mail Message-ID
Mail Subject
Mail Reply-To
Mail Return-Path
Mail SHA1
URL and its properties
Envelope From/RCPT/HELO
Attachment SHA1
Date in the Header
Routing information in Received field

Feature Configuration Location

Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria

Console settings

Phishing and other suspicious content

Graymail

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from graymail.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect graymail.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Graymail ^{Click the image to enlarge.}

Social Engineering Attack

Trend Micro Email Security uses Trend Micro Antispam Engine to protect users from social engineering attacks.

Disabling the criteria prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect social engineering attacks.

Data transmitted to Trend Micro	Mail Header "From"/"To" Mail Message-ID Mail Subject Mail Reply-To Mail Return-Path Mail SHA1 URL and its properties Envelope From/RCPT/HELO Attachment SHA1 Date in the Header Routing information in Received field
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Social engineering attack ^{Click the image to enlarge.}

High Profile Users

If a high profile user is deleted, Trend Micro Email Security does not check incoming email messages from this user for BEC attacks any more.

Data transmitted to Trend Micro	First names Middle names Last names Group names Email addresses
Feature Configuration Location	Inbound Protection > Spam Filtering > Business Email Compromise (BEC)
Console settings	Source: Custom ^{Click the image to enlarge.} Source: Synchronize users from directory server ^{Click the image to enlarge.}

Web Reputation

Trend Micro Email Security leverages Trend Micro Web Reputation Services to scan URLs contained in email subject, body and attachments to detect malicious URLs based on their reputation scores.

Disabling Web Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect malicious URLs.

Data transmitted to Trend Micro	URLs in email body URLs in email subjects URLs in attachments
Feature Configuration Location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria
Console settings	Web Reputation ^{Click the image to enlarge.}

Time-of-Click Protection

Disabling Time-of-Click Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of Trend Micro Email Security to detect malicious URLs.

Data transmitted to Trend Micro	URLs in the email body
Console location	Inbound Protection > Spam Filtering > Spam Policy > Policy Name > Scanning Criteria > Web Reputation
Feature Configuration Location	Enable Time-of-Click Protection ^{Click the image to enlarge.}

IP Reputation

Data transmitted to Trend Micro	Source IP addresses of incoming email messages
Feature Configuration Location	Inbound Protection > Connection Filtering > IP Reputation > Settings ^{Click the image to enlarge.}

Suspicious Objects

Data transmitted to Trend Micro	File SHA1 URLs
Feature Configuration Location	Administration > Suspicious Objects ^{Click the image to enlarge.}

Directory Synchronization

The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	Display names Email addresses Group email addresses Group and member relationships Email aliases LDAP information (host name, port, base DN/tenant domain, Use SSL)
Feature Configuration Location	Administration > Directory Management > Directory Synchronize ^{Click the image to enlarge.}

Directory Import

Data transmitted to Trend Micro	Display names Email addresses
Feature Configuration Location	Administration > Directory Management > Directory Import ^{Click the image to enlarge.}

Logs

Data transmitted to Trend Micro	Sender email addresses Recipient email addresses Email subjects Sender IP addresses Recipient IP addresses Attachment names and hash Message IDs
Feature Configuration Location	Logs ^{Click the image to enlarge.}

Syslog

Data transmitted to Trend Micro	Syslog server addresses, ports and protocols Certificates for TLS authentication
Feature Configuration Location	Logs > Syslog Settings > Syslog Server Profiles ^{Click the image to enlarge.}

Quarantine

Data transmitted to Trend Micro	Email messages quarantined
Feature Configuration Location	Quarantine > Query ^{Click the image to enlarge.}

Email Continuity

Data transmitted to Trend Micro	Email data and metadata (including subjects and sender addresses)
Feature Configuration Location	Administration > Email Continuity ^{Click the image to enlarge.}

Single Sign-On

Data transmitted to Trend Micro	Logon URLs Logoff URLs Claim type Certificate file downloaded from the identity provider
Feature Configuration Location	Administration > Administrator Management > Logon Methods Single Sign-On ^{Click the image to enlarge.} Administration > End User Management > Logon Methods Single Sign-On ^{Click the image to enlarge.}

Address Groups

Data transmitted to Trend Micro	Email addresses
Feature Configuration Location	Administration > Policy Objects > Address Groups ^{Click the image to enlarge.}

Logon Access Control

The mentioned data will be purged after the administrator account is deprovisioned.

Data transmitted to Trend Micro	IP addressses Email addresses
Feature Configuration Location	Administration > Logon Access Control ^{Click the image to enlarge.} ^{Click the image to enlarge.}

Managed XDR

Data transmitted to Trend Micro	High profile user information, including: Display names Given names Surnames Email addresses (if configured) Managed domain information, including: Domain names FQDNs or IP addresses of the domains’ inbound SMTP servers IP addresses of the domains’ outbound SMTP servers Detection logs Email message metadata, including: SMTP email addresses Email received timestamps Email attachment file names Email attachment hash values True file types of email attachments Email attachment sizes Email headers Email body hash values Sender IP addresses URLs in email messages
Feature Configuration Location	Trend Vision One > Point Product Connection > Product Connector ^{Click the image to enlarge.}

Was this article helpful?