Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Suspicious Object (SO) Exception does not exclude on OfficeScan (OSCE) agents

    • Updated:
    • 9 Nov 2017
    • Product/Version:
    • OfficeScan 11.0
    • OfficeScan XG.All
    • Platform:
    • Windows 10
    • Windows 10 32-bit
    • Windows 10 64-bit
    • Windows 2003 32-Bit
    • Windows 2003 64-Bit
    • Windows 2003 Datacenter 64-bit
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2003 Server R2
    • Windows 2003 Standard
    • Windows 2003 Standard 64-bit
    • Windows 2008 32-Bit
    • Windows 2008 64-Bit
    • Windows 2008 Datacenter
    • Windows 2008 Datacenter 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Enterprise 64-bit
    • Windows 2008 Server Core
    • Windows 2008 Server R2 Enterprise
    • Windows 2008 Standard
    • Windows 2008 Standard 64-bit
    • Windows 2008 Web Server Edition
    • Windows 2008 Web Server Edition 64-bit
    • Windows 2012
    • Windows 2012 Datacenter
    • Windows 2012 Datacenter R2
    • Windows 2012 Enterprise
    • Windows 2012 Enterprise R2
    • Windows 2012 Server Essential R2
    • Windows 2012 Server Essentials
    • Windows 2012 Server R2
    • Windows 2012 Standard
    • Windows 2012 Standard R2
    • Windows 2012 Web Server Edition
    • Windows 2016
    • Windows 2016 Server Core
    • Windows 2016 Server Datacenter
    • Windows 2016 Server Standard
    • Windows 7 32-Bit
    • Windows 7 64-Bit
    • Windows 8 32-Bit
    • Windows 8 64-Bit
    • Windows 8.1 32-Bit
    • Windows 8.1 64-Bit
Summary

Know why Suspicious Object Exception does not exclude on OSCE agents.

Details
Public

Control Manager (TMCM) administrators can add objects they consider suspicious but are not currently in the list of Virtual Analyzer suspicious objects by going to Administration > Suspicious Objects > User-Defined Objects.

Suspicious Object “Exceptions”, on the other hand, can be used for excluding objects from existing Virtual Analyzer suspicious object list. Since user-defined suspicious objects have a higher priority than Virtual Analyzer suspicious objects, VA will not add any object that exists in the exception list.

In TMCM 6.0 SP3, OSCE (11.0 SP1 or later) accepts IP & URL objects as user-defined suspicious objects and actions can be either "log" or "block".

In TMCM 7.0, OSCE XG SP1 further supports File object. OSCE takes action on files that are listed in the user-defined SO list. For more information, please refer to the Control Manager Administration Guide.

Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1117591
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.