Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Enabling Time-of-Click Protection in Hosted Email Security (HES) 3.0

    • Updated:
    • 30 Jan 2017
    • Product/Version:
    • Hosted Email Security 3.0
    • Platform:
    • Windows All
Summary

HES provides Time-of-Click Protection against malicious URLs in email messages. If you enable Time-of-Click Protection, HES rewrites URLs in email messages for further analysis. Trend Micro analyzes those URLs at the time of click and will block them if they are malicious.

Details
Public

Time-of-Click Protection detects link-based malware and phishing attacks by analyzing the reputation of a URL at the time of click of users on their endpoints and not only at the time of delivery to HES.

Time-of-Click Protection just works on Inbound direction.

To enable Time-of-Click Protection:

  1. Create an inbound protection policy to enable Web Reputation, if the Web Reputation detection in the policy is already enabled, check the Web Reputation setting of the policy.

    Click on Web Reputation. The Web Reputation Settings window appears.

  2. Tick Enable Time-of-Click Protection checkbox.

    Enable Time-of-Click Protection

    Click image to enlarge

  3. Save the settings. Once the policy change is complete, submit the policy.
  4. Check if you need adjust the Time-Of-Protection Settings:

     
    This step (step 4) is optional, HES provides default settings to all customers.
    1. Go to Inbound Protection > Time-of-Click Protection.
    2. Under Time-of-Click Protection Settings, do the following:

      • Dangerous

        • Select an action (Allow, Warn or Block) to take on dangerous URLs. The default value is Block.
        • Dangerous URLs are verified to be fraudulent or known sources of threats.
      • Highly Suspicious:

        • Select an action ( Allow, Warn or Block) to take on highly suspicious URLs. The default value is Block.
        • ighly suspicious URLs are suspected to be fraudulent or possible sources of threats.
      • Suspicious

        • Select an action ( Allow, Warn or Block) to take on suspicious URLs. The default value is Warn.
        • Suspicious URLs are associated with spam or possibly compromised.
      • Untested

        • Select an action ( Allow, Warn or Block) to take on untested URLs. The default value is Warn.
        • While Trend Micro actively tests URLs for safety, users may encounter untested pages when visiting new or less popular websites. Blocking access to untested pages can improve safety but can also prevent access to safe pages
    3. Click Save.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1116538
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.