There are instances when customer's laptops remain offline from the network right from the moment they were issued. The administrator cannot count on that user connecting via VPN so he needs a workaround where any OfficeScan configuration will be reflected in the OfficeScan client.
The goal is for the OfficeScan client to obtain any changes made on the OfficeScan server such as:
- Whitelist URLs
- Configuration changes
- Hot Fix and program updates
The remote machines were installed using a Client Package made by the OfficeScan server. The package then already contains the settings which allows the machines to update directly from Trend Micro's ActiveUpdate servers but these remote OfficeScan clients need a way to report to the OfficeScan server.
To manage the remote OfficeScan clients, you need to supply the OfficeScan server with an FQDN that is listed on both public and private networks. Remote machines will then be able to poll the OfficeScan server and gather configuration updates. The configuration changes will not be real-time, but when the OfficeScan clients poll the server.
The OfficeScan server will not notify the off-network OfficeScan clients in real-time about the configuration changes. We have to rely on the OfficeScan clients polling the server for updates and configuration changes.
- Set up the OfficeScan server with a private and public FQDN during installation.
- Open the web port used for communication from the OfficeScan clients to the OfficeScan server on the Firewall. For example, port 8080.
- Configure the following so that the OfficeScan clients poll the OfficeScan server for updates:
- Log in to the OfficeScan server console.
- Go to Networked Computers > Client Management.
- Select Settings > Privileges and Other Settings.
- Under the Other Settingstab, make sure to enable the following options:
- Clients can download updates from the Trend Micro ActiveUpdate Server
- Enable scheduled update
- Click Apply to all clients.
- Go to Updates > Networked Computers > Automatic Update.
- You may want to switch Scheduled-based Update to hourly.
- Click Save.
- Confirm on a remote machine that the OfficeScan server is accessible from outside the network: http://ServerPublicFQDN:8080/officescan/cgi/cgionstart.exe
If the page displays "-2", then the client can communicate with the server. Otherwise, there are communication issues with the remote machines when connecting to the OfficeScan server. Check to see if there is a device blocking the communication.