Sample Setting:

To export and import OfficeScan Policy Settings to TMCM 7.0/Apex Central:

1. Make sure that the OfficeScan XG server is running on Service Pack 1 (SP1) Build 4345 and that Control Manager (TMCM) is on version 7.0.
2. The Policy Export Tool can be found in the ..\PCCSRV\Admin\Utility\PolicyExportTool folder.

   

3. Open a command line prompt and point to the PolicyExportTool directory.

   

4. Type "OfficeScanSettingsExportTool.exe". Two .zip files will be created: OfficeScan_Agent_DLP_Policies and OfficeScan_Agent_Policies. They will exist under the PolicyExportTool folder after a successful policy export.
    

   For Apex One, it's called ApexOneSettingsExportTool.exe.

   

5. Copy OfficeScan_Agent_Policies.zip and extract its contents.
6. Open the TMCM/Apex Central console using root or admin account.
7. In the console, navigate to Policies > Policy Management.
8. Click Import Settings and locate the extracted exported policy file.

   

   After the upload is complete, it will appear in the Control Manager/Apex Central Policy Management console. By default, the targets of created policies are set to "None" to prevent deployment of the policies. Once administrators have reviewed the policies, they can modify the policy and target to other machines.

   

The OfficeScan Server Policy Export Tool helps administrators export OfficeScan policy settings supported by Control Manager 6.0. However, the Policy Export Tool cannot export customized data identifiers or customized DLP templates because these should be manually exported from the OfficeScan console.

The Policy Export Tool only supports OfficeScan 10.6 Service Pack 1 Server. For version 10.6 SP2 and later, the tool is already included in the ..\PCCSRV\Admin\Utility folder. Check the Officescan Policy Export Tool Readme file for more details.

The following settings can be exported for first and second level domains of OfficeScan 10.6:

• Scan configurations for all scan types (Manual, Real-time, Scheduled, Scan now)
• Update Agent Settings
• Web reputation configurations
• Approved URL list
• Behavior Monitoring Settings
• Device Control Settings
• Data Loss Prevention Settings (previously Digital Asset Control)
• Privileges and Other Settings
• Additional Service Settings
• Spyware/grayware approved list

The Control Manager (TMCM)/Apex Central Policy Import Tool allows administrators to import the OfficeScan settings into Control Manager 6.0 and save the settings as draft policies on the Policy Management screen. This tool is included in Control Manager 6.0 Patch 1 which is available in the Download Center. The package contains the following files:

• config.php: This configures the Control Manager serverprotocol, port number, and IP address. If TMCM is installed on an IPv6 server, enclose the IP address in brackets. For example, [2001:1:2:3:4:5::6].
• ImportPolicy.php: Use the Windows command line interface (CLI).
• Policy: This contains example for the OfficeScan Anti-virus settings.

To export OfficeScan Policy settings:

1. Download the OfficeScan Policy Export Tool. For 10.6 SP2, the Policy Export Tool is already available under ..\PCCSRV\Admin\Utility\PolicyExportTool folder.
2. Copy PolicyExportTool.zip and extract the contents to any folder on the OfficeScan 10.6 Service Pack 1 server.
3. Open a command line prompt, point to the PolicyExportTool directory.
4. Type "PolicyExportTool.exe". The two subfolders, PolicyClient and PolicyDLP, will exist under the PolicyExportTool folder after a successful policy export.

To import the policy settings in TMCM:

1. On the OfficeScan server, export the OfficeScan Anti-virus and DLP settings using the OfficeScan setting export tool.
2. Place the PolicyClient and PolicyDLP folders created from the export tool in the Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport folder.
3. Modify the config.php file with the information of the Control Manager server you are currently using.

4. Execute the ImportPolicy.php file using the Windows CLI. Use the following command:

   php.exe ImportPolicy.php --path="Foldername"

   • If Administrators want to import the Officescan antivirus settings for all domains, use the command:
     • 32-bit environment:

       C:\Program Files\Trend Micro\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport>”c:\Program Files\PHP\PHP.exe” ImportPolicy.php --path="<Path to Control Manager>\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport\PolicyClient"

     • 64-bit environment:

       C:\Program Files (x86)\Trend Micro\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport>”c:\Program Files (x86)\PHP\PHP.exe” ImportPolicy.php --path="<Path to Control Manager>\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport\PolicyClient"

   • If Administrators want to import the Officescan DLP settings for all domains, use the command:
     • 32-bit environment:

       C:\Program Files\Trend Micro\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport>”c:\Program Files\PHP\PHP.exe” ImportPolicy.php --path="<Path to Control Manager>\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport\PolicyDLP"

     • 64-bit environment:

       C:\Program Files (x86)\Trend Micro\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport>”c:\Program Files (x86)\PHP\PHP.exe” ImportPolicy.php --path="<Path to Control Manager>\Control Manager\WebUI\WebApp\widget\common\tool\PolicyImport\PolicyDLP"

   The creator for the imported draft policies will be the account created during the Control Manager installation (for example the root account).

   

   After the upload is complete, it will appear in the Control Manager Policy Management console:

   

   The generated policies are policies from each of the domains of the Officescan server. By default, the targets of created policies are set to None to prevent deployment of the policies. Once administrators have reviewed the policies, they can modify the policy and target to other machines.