Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Outbreak Containment Services (OCS) in Threat Management Service (TMS)

    • Updated:
    • 5 Jun 2014
    • Product/Version:
    • Threat Discovery Appliance 2.0
    • Threat Discovery Appliance 2.5
    • Threat Mitigator 2.0
    • Threat Mitigator 2.5
    • Platform:
    • Not Applicable N/A
Summary
The primary purpose of the Threat Discovery Appliance (TDA) is to detect threats travelling through the monitored networks. Depending on the customer's TMS subscription level, it can also invoke damage prevention and cleanup services, as well as blocking further traffic from a detected threat source.
Details
Public
OSC has the following functions:
  • Detects both known and unknown malware that can potentially start an outbreak
  • Is able to block/disconnect the activity of the High Profile Malware Alert. Traffic Blocking resets the network connection with a detected source of unknown malware to disrupt the delivery of contaminated packets.
  • OCS violation logs can be transferred to TMSP in real-time.
Outbreak Containment Services
Click image to enlarge.
The image above shows that when a host is infected by a malware, this malware will try to communicate to the other sources/hosts to spread its malicious content. When TDA detects the network traffic, it will request an HTTPS reset through the Management Port to block the malicious connection.
Here is how you can enable OCS from the TDA web console:
  1. Log in to the TDA web console.
  2. On the left side of the screen, click Threat Detections. 
  3. Under Outbreak Containment Services, tick the Enable outbreak detectioncheckbox.
    Note: The Enable outbreak detection and block traffic checkbox is optional.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1055924
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.