To see the default configurations for Desktop and Server Groups in the WFBS console, go to Security Settings, select a group, and then click Configure. For more information, click any of the following:
| Recommendations | |
|---|---|
| Scan compressed files | Enabled |
| Add compressed files or file extensions you do not want scanned to the scan exclusion list. | |
| CPU usage | Low |
| This setting helps minimize computer slowdown when scanning occurs during peak hours. To improve performance, consider running Manual Scan during off-peak hours. | |
| Action | Use Active Action |
| Recommendations | |
|---|---|
| User activity on files | Scan files being created, modified, retrieved, or executed. |
| This option ensures that files introduced to and originating from the computer are safe to access. | |
| CPU usage | Low |
| This setting helps minimize computer slowdown when scanning occurs during peak hours. To improve performance, consider running Manual Scan during off-peak hours. | |
| Scan compressed files | Enabled |
| Add compressed files or file extensions you do not want scanned to the scan exclusion list. | |
| Action | Use Active Action |
| Display a notification message when a security risk is detected | Enabled |
| Notifications allow users to take immediate action. Consider disabling only if the notifications are generating a large number of support calls. | |
| Recommendations | |
|---|---|
| Scheduled Scan | Enabled |
| Weekly
Schedule the scan during off-peak hours to improve the scanning performance and avoid potential computer slowdown. | |
| Scan target | File types scanned by IntelliScan |
| IntelliScan improves performance by only scanning types known to potentially carry malicious code. Using this setting also allows you to utilize true file-type scanning. | |
| Scan compressed files | Enabled |
| Add compressed files or file extensions you do not want scanned to the scan exclusion list. | |
| CPU usage | Low |
| This setting helps minimize computer slowdown when scanning occurs during peak hours. | |
| Action | Use ActiveAction |
| Allow users to postpone or cancel Scheduled Scan | Disabled users may cancel the scan if this setting is enabled. Consider enabling only on selected computers. For example, enable the option on a shared computer used for presentations. This allows the user to cancel the scan if scanning will occur during a presentation. |
| Recommendations | |
|---|---|
| Scan exclusions | Enabled |
| Database and encrypted files should generally be excluded from scanning to avoid performance and functionality issues. Also add files that are causing false-positives and files that many users are reporting as safe. | |
| Recommendations | |
|---|---|
| Web Reputation Policy | Enabled |
| This setting ensures that clients are protected from web-based threats even if they are outside the corporate network | |
| Security level | Medium |
| Recommendations | |
|---|---|
| Web Reputation Policy | Enabled |
| Security Level | Medium |
| Allow clients to send logs to the Trend Micro Security Server | Enabled if you want to monitor websites that users are accessing. This setting generates traffic between the server and clients. |
| Recommendations | |
|---|---|
| Approved URL list |
Add URLs that you or users think are safe to access. You may also access the Site Safety Center if you think a URL has been misclassified. |
| Recommendations | |
|---|---|
| Update schedule | Daily or Hourly |
| Update source | Setting up the Trend Micro ActiveUpdate server and maintaining a custom update source may be a tedious process and requires additional computing resources. |
| Recommendations | |
|---|---|
| Criteria | Send a notification only when the scan action was not performed successfully. Select this option to limit the amount of email notifications you receive and focus only on security events that require your attention. |
| Add all Trend Micro Security and Worry-Free Business Security administrators in your organization as email recipients. | |
| Recommendations | |
|---|---|
| Criteria | Use the default settings:
|
| Add all Trend Micro Security and Worry-Free Business Security administrators in your organization as email recipients. | |
| Recommendations | |
|---|---|
| Server name and listening port | Avoid changing when clients have been registered to the server or clients will have to be redeployed. |
| Proxy settings | Disabled |
| Clients do not typically communicate with the server through an intranet proxy. Also avoid changing when clients have been registered to the server or clients will have to be redeployed. | |
| Recommendations | |
|---|---|
| Proxy settings | Enabled if the Trend Micro Security Server connects to the Trend Micro ActiveUpdate server through a proxy server |
| Recommendations | |
|---|---|
| Scheduled deletion of logs | Enabled |
| Logs to delete | Logs older than 7 days |
| Log deletion schedule | Weekly Schedule the deletion during off-peak hours. |