Know the features and identify the different products included in Smart Protection Suite 1.0.
To learn more about Smart Protection 1.0, refer to the Smart Protection Getting Started Guide topic: About Trend Micro Smart Protection Suites.
|Policy status dashboard widget||
|Policy template updates||When new or updated templates become available,|
administrators can easily perform the update from
the web console.
|Data Loss Prevention (DLP) integration||DLP is a feature of the Data Protection module that monitors the transmission of digital assets.|
The DLP feature can minimize the risk of information loss and improve visibility of data usage patterns and risky business processes.
Control Manager has integrated the following DLP features:
|Favorites||Administrators can add menu shortcuts to the Favorites menu for quick access.|
- Identify the digital assets to protect.
- Create policies that limit or prevent the transmission of digital assets through common transmission channels, such as email messages and external devices.
- Enforce compliance to established privacy standards
|Dashboard||Monitor the usage of policies, rules, and applications using customizable widgets.|
|Management||Manage targets, rules, and policies.|
|Logs||View logs and configure log maintenance settings.|
|Updates||Update components and configure scheduled updates.|
|Administration||Manage the Endpoint Application Control server and agent settings.|
|Record keeping, reports, and auditing||
|No Hardware Requirements||
|IP Reputation||Hosted Email Security (HES) queries the Trend Micro Email Reputation server to determine whether the sending IP address is "trustworthy".|
|Email Content-based Filtering||
HES examines the message contents and applies content filtering:
|Advance Filtering or Company-based rule||Administrators can create rules by company, group, domain or individual and can set the appropriate enforcement action for each rules.|
|Approved Senders||Approved specific email addresses or domains to send email messages to the managed domains.|
Block attachments by:
|Valid Recipient Listing or Directory Management||
Receive emails only to valid recipients. Administrators can import valid recipient list through:
|Web End-User Quarantine||
|Outbound Email Filtering||Stops emails that contains malware and/or a spam coming from your network going to public which can result in having a bad reputation and/or blocking your IP by a third-party.|
|Email Encryption||For more information on the key features of Email Encryption, refer to the following documentation: Hosted Email Encryption.|
|Co-Branding||Display your company logo on the web console top banner and in the logon page.|
- Traffic Deployment
- Direct proxy set-up in browser
- Use PAC file to design the traffic routine
- USe proxy chain to route existing corporate Proxy traffic to IWSaaS
- Use port forwarding to redirect 80 port from router to IWSaaS (No HTTPS traffic)
- Security and Policy Enforcement
- Anti-Malware protection (VSAPI scan)
- Web reputation (WRS engine)
- Advanced Protection (Specify security event types)
- URL filtering
- Application Control
- Approved Blocked URLS
- Data Visibility
- Log query and report
- Hosted Account management
- CLP Integration
- AD Integration
- Alert and Notification
- Application Control
- Traffic Monitoring and Reporting
- HTTP Inspection
- Password Override Action for Blocked Url Filtering categories
- Time Limit Action for URL Filtering
- Time Quota Extension for Url filtering Time Limit Action
- Data Loss Prevention
- Advanced Threat Protection
- HTTPS Decryption
- Web Reputation
- High Availability
- FTP Scanning
- URL Filtering
- Content Caching
- IP address, Hostname and LDAP-based Client Identification
- Hyper-V Installation Support
- Real-Time Statistics and Alerts
- Logs and Reports
- Syslog Support
- Integration with Cisco WCCP
- Reverse Proxy Support
- Support for Multiple Trend Micro IWSVA Installations
- Command Line Interface
- C&C Contact Callback Detection
- Enhanced Threat protection
- Enhanced Log query and reporting
- Configuration/Policy Replication
- Application Control Notification Page
- More Virtualication Support
- Log Analysis
- System Status
|Agent Customization||Enables you to preset the server IP address and port number into the Android installation package.|
|Web Proxy Support for Android||Enables you to set Web proxy in Android mobile devices.|
|HTTP(S) Push Notification Setting for Android||Provides setting to enable or disable the HTTP(S) push notifications for Android mobile devices.|
|Simpler Provisioning||Enables you to configure server IP address, domain name and server port number in Android mobile devices in advance, to reduce the effort of deployment and enrollment of mobile devices.|
|Scan After Pattern Update||Automatically starts scanning the mobile device for security threats after successful pattern update, and displays the progress in the notification bar.|
|Web Threat Protection Policy||Enables you to manage Web threat protection policy from the Mobile Security server and deploys it on Android mobile devices. It also enables Android mobile devices to send the Web threat protection log back to the server.|
|Adds SD Card Restriction for Android||Enables you to control the availability of the SD card for Android mobile devices.|
|Application Inventory||Maintains the list of installed applications on mobile devices and displays it on the device status screen.|
|Application Control||Enables you to allow or block the installation of certain applications on mobile devices using approved and blocked lists.|
|Application Push||Enables you to push the application installation package or Web link of the application to mobile devices for installation.|
|Selective Wipe||Enables you to delete all the corporate data from the server, without deleting the user’s personal data|
|Compliance Check||Enables you to set the compliance criteria on the server, and checks the mobile devices for compliance.|
|Optional Authentication using Active Directory||Enables you to set user authentication using Active Directory (AD) or Mobile Security database for Symbian, Windows Mobile, iOS and Android mobile devices for registration.|
|Dashboard Screen||Introduces the Dashboard screen to replace the old Summary screen on the web console to provide the status summary of server components and mobile devices.|
|Scheduled Reports||Enables you to configure Mobile Security to send scheduled reports at the pre-defined intervals.|
|Quick Configuration Verification Screen||Introduces the Mobile Security Configuration and Verification screen that enables you to quickly verify Mobile Security configuration and identifies the problems, if any. If the configuration verification screen detects any wrong configuration setting, it provides suggestions to correct it.|
|On-Demand Remote Password Reset for iOS and Android||Enables you to reset the password remotely for iOS and Android mobile devices from the web console.|
|Enterprise App Store||Enables you to create a list of webclips and apps for the users to download and install on their mobile devices.|
|Plug-in Manager and Plug-in Solutions||
Plug-in Manager facilitates the installation, deployment, and management of plugin solutions.
Administrators can install two kinds of plug-in solutions:
A web-based management console gives administrators transparent access to all agents and servers on the network. The web console coordinates automatic
deployment of security policies, pattern files, and software updates on every agent and server. And with Outbreak Prevention Services, it shuts down infection
vectors and rapidly deploys attack-specific security policies to prevent or contain outbreaks before pattern files are available. OfficeScan also performs real-time
monitoring, provides event notification, and delivers comprehensive reporting. Administrators can perform remote administration, set customized policies for
individual desktops or groups, and lock agent security settings.
|Security Risk Protection||
OfficeScan protects computers from security risks by scanning files and then performing a specific action for each security risk detected. An overwhelming number of security risks detected over a short period of time signals an outbreak.
To contain outbreaks, OfficeScan enforces outbreak prevention policies and isolates infected computers until they are completely risk-free.
OfficeScan uses smart scan to make the scanning process more efficient. This technology works by off-loading a large number of signatures previously stored on the local endpoint to Smart Protection Sources. Using this approach, the system and network impact of the ever-increasing volume of signature updates to endpoint systems is significantly reduced.
|Damage Cleanup Services||
Damage Cleanup Services™ cleans computers of file-based and network viruses, and virus and worm remnants (Trojans, registry entries, viral files) through a fully automated process. To address the threats and nuisances posed by Trojans, Damage Cleanup Services does the following:
Because Damage Cleanup Services runs automatically in the background, it is not necessary to configure it. Users are not even aware when it runs
Web reputation technology proactively protects agent computers within or outside the corporate network from malicious and potentially dangerous websites. Web reputation breaks the infection chain and prevents downloading of malicious code. Verify the credibility of websites and pages by integrating OfficeScan with the Smart Protection Server or the Trend Micro Smart Protection Network.
|OfficeScan Firewall||The OfficeScan firewall protects agents and servers on the network using stateful inspections and high performance network virus scans. Create rules to filter connections by application, IP address, port number, or protocol, and then apply the rules to different groups of users.|
|Device Control||The OfficeScan firewall protects agents and servers on the network using stateful inspections and high performance network virus scans. Create rules to filter connections by application, IP address, port number, or protocol, and then apply the rules to different groups of users.|
|Behavior Monitoring||Behavior Monitoring constantly monitors agents for unusual modifications to the operating system or on installed software.|
|Data Loss Prevention||
|Smart Scan||An integral part of the Trend Micro Smart Protection Network, Smart Scan provides the following benefits:
|Fast and Simple Installation||
|Powerful and Creative Antivirus Features||
|Spam Prevention Rules||
|Web-based Product Console||
|Informative and Timely Reports and Logs||
|Updates||Receive scheduled or on-demand component updates and customize your update source.|
|Category for Unscannable Message Parts||ScanMail separates the unscannable message count from the virus/malware count. Unscannable files can be files that fall outside of the Scan Restriction Criteria, encrypted files, or password protected files.|
|Content Filter Log||This version of ScanMail displays the keyword in content filtering logs when there is a match.
If the keyword or regular expression is too long to display, logs display truncated information.
|IntelliTrap||This version of ScanMail incorporates IntelliTrap technology. Use IntelliTrap to scan for packing algorithms to detect packed files. Enabling IntelliTrap allows ScanMail to take user-defined actions on infected attachments and to send notifications to senders, recipients, or administrators.|
|Trust Scan||Real-time scan can skip scanning email messages at the store level when the message has been scanned by ScanMail at the Hub Transport Level. This feature is available for ScanMail with Exchange Server 2010 and 2007.
Once ScanMail scans a message on an Edge or Hub Transport server, ScanMail adds scan information to the message. When the message reaches the Mailbox, ScanMail evaluates the scan information to prevent redundant use of resources. ScanMail only scans the message if the message was scanned with an older scan engine or pattern file or if ScanMail has not previously scanned the message.
|Manual and Scheduled Scan||ActiveUpdate does not interrupt Manual Scan or Scheduled Scan.
For Exchange Server 2010 and 2007, the Manual Scan and Scheduled Scan pages only appear on Combo Server (Hub Transport and Mailbox server role) and Mailbox server roles. ScanMail offers incremental scan options only with Exchange Server 2010 and 2007. There are three options:
|Cluster Support||ScanMail supports the following clusters:
|Security Risk Protection||
|Web Reputation||Protection from malicious and potentially dangerous web sites|
|Centralized Management||Web-based management console|
- Support for Microsoft Windows server platforms including Windows 2000, most versions in Windows 2003, Windows 2003 R2, Windows 2008 and Windows 2008 SP2 servers.
- VMWare ESX/ESXi server support
- New spyware pattern support to detect virus infections, which also includes new features to perform quarantine, delete, and renaming actions for handling infected files
- Ability to run the Normal Server under Novell Open Enterprise Server 2
- Upgrade from ServerProtect 5.58 and 5.7 by running either the installation program or deployment program
- Enhanced security when communicating between the Information Server and Windows Normal Server
- Latest Damage Cleanup Engine and Anti-Rootkit module as a generic cleaning feature
- TMI component upgrade to the latest version v1.12
|White listing||Customers will make base image for VD, we believe the base image are highly virus-free. We will provide a tool to allow customer to pre-scan this image to build the white list; this list will be used in on demand scan (not for real time scan).|
|Avoid duplicate GUID||Current OSCE 10.5 image setup tool (ImgSetup.exe) is not suitable for VDI, we create a new one (TCacheGen.exe).|
|Firewall||Decreases the attack surface of your servers.|
To know more about the features and enhancements of Worry-Free Business Security Services, refer to the following KB article: New features of Worry-Free Business Security Services (WFBS-SVC).