Learn the known issues that occur in WFBS 7.0.
- When remotely installing the Security Agent, note the following:
- The Windows system service "Server" must be running.
- Windows XP Home Edition is not supported.
- On Windows XP computers, Simple File Sharing must be disabled.
- On Windows Vista and Windows 7, the Remote Registry service must be running and the computer must allow File and Printer Sharing through the firewall on Windows.
- To completely reinstall or upgrade the Security Agent, you need to restart the computer. Restarting is also necessary when updating some components like firewall and proxy drivers.
- After installing the Security Agent on a computer with Internet Information Services (IIS) 7.0, you need to restart the IIS service. When the Security Agent is using the Windows Filtering Platform, IIS 7.0 may not work as expected until it is restarted. This issue only occurs on Microsoft Windows 2008 without Service Pack 2.
- You cannot run the autopcc.exe, login script, and Client Packager from a terminal session.
- The Trend Micro Web Protection Add-On must be removed before installing the Security Agent to avoid conflict.
- To deploy the Security Agent using the Trend Micro Vulnerability Scanner (TMVS), you need to run TMVS on Windows Server 2003 or Windows Server 2008. TMVS does not support terminal sessions.
- Performing an iAU update through authenticated Proxy Server setting requires ISA 2004 SP3 or later.
- After uninstalling other antivirus products, the pop-up message about rebooting the computer is not localized.
- You may experience slow network performance on Windows Small Business 2011 Standard. To resolve this, apply the hot fix in this Microsoft article: Slow Network Performance on SBS 2011.
- By default, there are multiple UiSeAgnt.exe files on the Terminal Server for each RDP connection. These files consume memory resource. To reduce the memory usage on memory-critical computers, administrators can manually set the maximum number of visible UiSeAgent from the registry:
Always create a backup before modifying the registry. Incorrect registry changes may cause serious issues. Should this occur, restore it by referring to the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.
Restart the Security Agent once done.
- The Security Server sends notifications for all triggered events whenever the Trend Micro Security Server Master Service is restarted.
- The following default Security Server and Scan Server ports must not be used or blocked by other applications, such as Microsoft ISA Server and other firewalls:
- HTTP: 8059
- SSL: 4343 and 4345
- If an Internet connection problem occurs during the Security Server installation, the installer will keep validating the Activation Code without indicating any problem or the installer might freeze. A stable Internet connection is required during installation.
- During Security Server install/upgrade, Trustedinstaller.exe may occupy CPU usage up to 50 percent.
By default, Internet Explorer applies Medium-low security levels for intranet sites and Medium security levels for sites in its Trusted Sites list. To help ensure you can access the console properly, add it to the Trusted Sites list.
- One-time and scheduled reports only support HTML format in Internet Explorer (IE) 9.
- The manual scan process bar is not fully synchronized with the scanned files count of the scan mechanism.
- Trend Micro recommends accessing the Web console from computers that do not have adware installed. If Hotbar or other adware is installed, ActiveX errors may occur when accessing certain console screens.
- Trend Micro recommends setting Internet Explorer to Medium or lower security levels when accessing the web console. Higher security settings may block necessary ActiveX controls.
By default, Internet Explorer applies Medium-low security levels for intranet sites and Medium security levels for sites in its Trusted Sites list. To ensure you can access the console properly, add it to the Trusted Sites list.
- Behavior Monitoring fully supports 32-bit operating systems. For 64-bit operating systems, only Vista x64 SP1 and later are supported.
- Device Control fully supports 32-bit operating systems; for 64-bit operating systems, only Vista x64 SP1 and later are supported.
- When Network Resource privilege of Device Control is set to "No Access", computers with 32-bit operation systems can still browse network folders. The machines with 64-bit operation systems will not be able to browse network folders because of the limitations due to Windows behavior.
- Client users can bypass URL filtering restrictions by changing the local time on their computers.
- Instant messaging software will automatically log users off when the Security Agent starts or stops.
- Instant Messenger Content Filtering does not work when the messenger connects to the network through a proxy server.
- Instant Messenger Content Filtering does not support AIM.
- After clicking Continue Browse, it may still be blocked again on slow computers.
- In an unstable network environment, the Trend Micro Web Reputation server may pass a website without filtering.
- Instant Messenger Content Filtering does not support AIM and MSN2011.
- Switching scan methods may require a full pattern file download which can slow traffic on the network.
- Threats contained in an unknown file can pose a risk to the client if the agent cannot access the Smart Scan service on the Security Server.
- Switching scan methods and moving the Security Agent from one group to another group with same group settings will cause the Agent to exit momentarily and reload.
- When uninstalling the firewall driver, the client may temporarily lose the network connection. Some applications, such as Secure Shell (SSH), Terminal Services Client, or Remote Desktop, could be affected by the disconnection. If this occurs, restart the application after disabling the firewall (which also completes the uninstallation process).
- The Security Agent firewall may conflict with other firewall applications. Trend Micro recommends uninstalling or disabling other firewall applications.
- On VMware clients, the Security Agent firewall may block all incoming packets. To address this issue, add the following value to the client's registry:
- The firewall does not support IP version 6.
When Web Reputation Service is disabled, the Trend Micro Toolbar does not work.
- The MSA only supports typical installations of Exchange Server 2007 and 2010 that include the Hub Transport, Mailbox, and Client Access server roles.
- The MSA cannot be installed on a Windows EBS 2008 computer with the Exchange Server 2007 Edge Transport server role.
- As an anti-spam solution on Exchange Server 2003, users can choose between EUQ or Junk Mail integration. If you use Junk Mail integration, install Exchange Server 2003 SP2 or above. This requires pre-installation of the Intelligent Message Filter (IMF).
- During MSA installation, the installer may not submit passwords with special, non-alphanumeric characters to the Exchange Server computer. As a result, you may not install the MSA if the domain administrator account you are using has a complex password. As a workaround, temporarily change the password for the domain administrator account.
- When remotely installing MSA via web console or WFBS Advanced installer on Windows Server 2008, SBS 2008, or EBS 2008, you need to specify the built-in domain administrator account because of User Access Control restrictions. For the computers with other operating systems, you need an account in the Exchange Organization Administrators group.
- The Mac client cannot activate if the parent server firewall enables without adding port 61617 into exception list. As a workaround, add the 61617 into exception list.
- Java JRE which is necessary for TMSM installation cannot be auto-installed in 2008 platforms. As a workaround, download and manually install Java JRE.
- After uninstalling the Mac client, the entry will not be removed from the TMSM console. Manually remove the Mac client entry from the TMSM console.
- After TMSM is uninstalled and reinstalled again, the Mac client cannot register back but the WFBS client can. As a workaround, manually remove the MAC client and reinstall the Security Agent for MAC.
- The Mac Security Agent cannot register to TMSM if the Security Server is installed on SBS 2011.