- Apex One agent is able to access Microsoft Azure, including:
- No ACL on https (i.e. TCP 443 port)
- Apex One patch 3 or later builds need to be installed and deployed to agent side
- If an agent issue has been identified, customers are advised to contact Technical Support, and open a support ticket.
- Provide the Apex One server GUID and problematic Apex One agent GUID (refer to “How to retrieve GUID” section), Technical Support will help to deploy Support Connector Package (SCP) to agent side, which may perform the following depending on the issue reported:
- Debug information collection (refer to “Collected Information” section”
- Agent recovery
- Other troubleshooting actions
- Once Support Connector Package (SCP) is executed, it will feedback the result to Trend Micro backend server and Technical Support team will proceed to solve the issue.
Only when a support ticket being created and deployment plan being acknowledged by customers, Technical Support will deploy SCP to agent side. Without SCP, Support Connector will only send agent GUID to Trend Micro backend for task check on an hourly basis.
- Server GUID can be retrieved from Apex One web console > Agents > Agent management..
- Agent GUID can be exported from Apex One web console > Agents > Agent Management.
Alternatively, you can refer to the article below for information on getting the Agent GUID:
Getting the Globally Unique Indentifier (GUID) of a computer
Depending on the troubleshooting scope, the Support Connector Tool collects one or more of the following information, but not limited to:
- GUID
- User account
- Host name
- Domain name
- IP address
- MAC address
- File name/path/owner
- Process name/path/owner
- URL
- Registry hive
Some of the collected information may contain Personally Identifiable Information (PII).
- Would Support Connector collect any Personally Identifiable Information (PII) without notice?
- Support Connector will NOT collect PII without user notice. It will only send GUID for task checking on hourly basis.
- ONLY when a support ticket has been created and customer acknowledged the deployment plan, a SCP could be deployed to agent side for debug information collection.
- How Support Connector connection being secured?
- Support Connector connection to backend is secured by HTTPS, thus TCPport shall be allowed on agent side.
Although not recommended, customers having concerns with the Support Connector may disable the polling behavior using the configuration below.
- Install Apex One Patch 4 Build 9113 or later.
- Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the Apex One server installation directory using a text editor.
- Under the "Global Setting" section, manually add the following key and set its value to "0".
[Global Setting]
EnableRP=0 - Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following registry entry on all security agents.
- X64 Path:
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\OSCEUpdater - X86 Path:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\OSCEUpdater
Value:
Key: EnableRP
Type: DWORD
Value: 0 - X64 Path: