Enabling Meerkat in OfficeScan (OSCE) 11.0

Before enabling Meerkat

1. Enable AEGIS (TMBMSRV.exe) to monitor the process launch.
   1. Go to Agents > Agent Management.
   2. Go to the Agents tree > Settings > Additional service settings.
   3. Enable Unauthorized Change Prevention Service.
   4. Click Save.
2. Enable Web Reputation (tmproxy.exe) to monitor the file download and the agent will save the records in C:\Program Files\Trend Micro\OfficeScan client\EventsDB.
   1. Go to Agents > Agent Management.
   2. Go to the Agents tree > Settings > Web Reputation Settings.
   3. Enable Web Reputation policy.
   4. Click Save.
3. The OfficeScan agent should be able to connect to the internet.
   The OfficeScan agent will check the prevalence value in the Trend Micro Census Server. A value greater than 10 means that the program is popular and the message will not be displayed.

Enabling Meerkat on desktop platform

1. Go to Agents > Global Agent Settings.
2. Under Behavior Monitoring Settings, select Prompt users before executing newly encountered programs downloaded through HTTP or email application.
3. Click Save.

Enabling Meerkat on server platform

By default, you cannot activate the Meerkat feature on the server platform using the console.

To activate this feature on the server:

1. In the OfficeScan installation directory, go to the \PCCSRV folder and open the ofcscan.ini file.
2. Manually add the following registry key under [Global Setting]:

   EnableMeerkatServerDetection=1

3. Save the changes and close the file.
4. Open the OfficeScan server console.
5. Go to the Agents > Global Agent Settings.
6. Click Save to deploy the setting to all agents.
7. Open the OfficeScan agent registry which is the Windows server platform. Windows server platform will create the key “EnableMeerkatServerDetection=1” under: HKEY_LOCAL_MACHINE\SOFTWARE\{Wow6432Node}\TrendMicro\PC- cillinNTCorp\CurrentVersion\Misc.

Meerkat is now enabled successfully.