Summary
Trend Micro will be conducting a maintenance on the hosted services of Email Encryption.
You can also download the PDF version of this advisory with German, French, Italian, and Spanish translations.
Details
The maintenance schedule is as follows:
| Time Zone | Start | End |
|---|---|---|
| TW/PH/CDC | Sat, 1 Nov 2014, 10:00 AM | Sat, 1 Nov 2014, 20:00 PM |
| UK (UTC) | Sat, 1 Nov 2014, 02:00 AM | Sat, 1 Nov 2014, 12:00 PM |
| US PDT (UTC -7) | Fri, 31 Oct 2014, 19:00 PM | Sat, 1 Nov 2014, 05:00 AM |
The affected products are:
- Zero Download (My Private Post)
- Trend Micro Encryption for Email (TMEE) [Outlook Client application]
- Trend Micro Email Encryption Gateway (TMEEG)
- InterScan Messaging Security Virtual Appliance (IMSVA)
- Hosted Email Security (HES)
Details on how each product is affected:
Zero Download
The Zero Download service will be unavailable during the maintenance period. Using the browser to decrypt, reply to, and forward encrypted emails will not be possible during this time. A notification will be visible in the browser once the encrypted_message.htm is opened by the user. The Mobile “forward to decrypt” solution is also not available during the maintenance period.
TMEE
The TMEE Outlook client should still be able to encrypt and decrypt messages if it was used during the October time frame. These messages will have the October and November private key for the registered email addresses. Registering new accounts, however, will fail during the maintenance period. In case an account does not already hold the monthly key, it will fail to encrypt and decrypt emails.
TMEEG
The encryption gateway should continue to decrypt messages for recipients whose October private key have already cached. Messages using the November private key will fail to encrypt or decrypt and will be left on the TMEEG box in the /trend/tmeeg/.errored/ directory.
You may use the Resend TMEEG errored Email.zip tool to reprocess messages that are stuck in the errored directory. The instructions on how to use the tool is included in download file. The password is "novirus".
Important: The Resend TMEEG Errored Email tool is an unsupported command line utility that helps customers resend emails on TMEEG that have previously failed and are now stuck in the Errored directory. The Resend TMEEG Errored Email tool is provided “AS IS” without warranties of any kind. Trend Micro does not warrant that the Resend TMEEG Errored Email tool is secure or error free, that it will meet your requirements or expectations, that the results will be accurate or reliable, or that errors or issues will be fixed or corrected. You assume all risk arising out of use of this utility. Trend Micro does not provide support for this utility and the Trend Micro Technical Support team is unable to answer questions about the tool.
IMSVA
Only messages with encryption and decryption tasks are affected.
IMSVA should be able to process encrypted messages for whose recipients already have the monthly October key. All other messages will fall into exception handling.
The default action can be configured on the IMSVA user interface section Policy > Scanning Exception > Encryption Exception. Once the maintenance is over, you can check your quarantined emails in the Admin UI (assuming exception handling is set to quarantine) and reprocess these messages.
HES
Messages with encryption and decryption tasks on HES may experience a delay if the monthly key is not yet available. Those that failed during the maintenance window will be automatically re-processed.
Additional remarks
- Using the default settings, no message that requires encryption will leave any of the systems in clear text.
- Administrators may want to inform their end users in advance to avoid sending emails that need to be encrypted during the maintenance window.
- Administrators should check the logs for messages that failed to be encrypted or decrypted during the maintenance period. Either re-process the messages manually or ask the senders to resend the emails.
- The following products are not affected by this maintenance:
- Full Disc Encryption (Mobile Armor)
- Secure Cloud
-
Please note that also the address range of encryption related hosted services have changed which might affect restricted environments in which TMEEG for example queries the key server for private keys.For more information, refer to the KB article Ports used by Trend Micro Email Encryption Gateway (TMEEG).
If you have any questions or concerns, contact Trend Micro Technical Support.
