Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Deep Security 11.0 Data Collection Notice

    • Updated:
    • 16 May 2018
    • Product/Version:
    • Deep Security 11.0
    • Platform:
    • N/A N/A
Summary

The following sections outline the features that collect data, the data transmitted, and the locations on the product console where you can disable the features.

Details
Public

Intrusion Prevention and Firewall

You can optionally configure Deep Security to use a Whois service to look up which domain name is associated with an IP address when you review the logged intrusion prevention and firewall events. The IP address is sent directly to the Whois service and not to Trend Micro.

Data collectedIP address
Console locationAdministration > System Settings > Advanced
Console settings

Whois URL

Whois URL

Back to top

Anti-Malware: Smart Protection

Smart Protection Server for File Reputation Service is used by the anti-malware module. It supplies file reputation information required by Smart Scan. Alternatively, you can use a locally installed Smart Protection Server.

Data collected
  • Product information
  • Client device OS
  • Malicious or suspicious file information
  • Suspicious file signatures
  • Malicious or suspicious process information
Console locationComputer or Policy editor > Anti-Malware > Smart Protection
Console settings

Connect directly to Global Smart Protection Service

Connect directly to Global Smart Protection Service

Back to top

Anti-Malware: Process Memory Scan

Process memory scans connect to the Good File Reputation Service. This information enables Deep Security to identify good file hashes.

Data collectedFile hashes (SHA1) and additional information
Console locationPolicies > Common Object > Other > Malware Scan Configurations > Real-Time Scan configuration > General
Console settings

Scan process memory for malware

Scan process memory for malware

Back to top

Anti-Malware: Predictive Machine Learning

Predictive machine learning enables identification of potential malicious files.

Data collected
  • File name
  • Path
  • Signer
  • Hashes (SHA1)
Console locationPolicies > Common Objects > Other > Malware Scan Configurations > Real-Time Scan configuration > General
Console settings

Enable Predictive Machine Learning

Enable Predictive Machine Learning

Back to top

Anti-Malware: Smart Scan

This information is sent when a file scan occurs and enables Deep Security to identify malicious file hashes.

Data collectedFile hashes (CRC) and additional information
Console locationComputer or policy editor > Anti-Malware > Smart Protection > Smart Scan
Console settings

Untick Inherited check box (if it's selected) and select Off.

Smart Scan configuration

Back to top

Anti-Malware: Behavior Monitoring

The behavior monitoring feature communicates with the Global Census Server and Good File Reputation Service. This enables Deep Security to identify good file hashes and to retrieve statistical data.

Data collectedFile hashes (SHA1) and additional information
Console locationPolicies > Common Objects > Other > Malware Scan Configuration > Real-Time Scan configuration > General
Console settings
  • Detect suspicious activity and unauthorized changes (incl. ransomware)
  • Back up and restore ransomware-encrypted files

Behavior Monitoring configuration

Back to top

Integrity Monitoring

You can configure Deep Security Manager to automatically tag integrity monitoring events. If you select the Certified Safe Software Service option, information is sent to the Trend Micro Certified Safe Software service. Alternatively, you can select one of the other options when configuring auto tagging, or don’t enable auto-tagging.

Data collectedFile hashes (SHA1) and additional information
Console locationEvents and Reports > Integrity Monitoring Events > Auto-Tagging > New Trusted Source
Console settings

Certified Safe Software Service

Certified Safe Software Service

Back to top

Web Reputation

The web reputation module uses the Trend Micro Smart Protection Network to determine whether URLs are malicious. When Connect directly to Global Smart Protection Service is selected, URLs are sent to Trend Micro. Alternatively, you can opt to use a locally installed Smart Protection Server. You must select one of these options to use the web reputation module. If you don’t want to use either of those options, go to the General tab and change the Web Reputation State to Off to disable the web reputation module.

Data collectedURL
Console locationComputer or Policy editor > Web Reputation > Smart Protection
Console settings

Connect directly to Global Smart Protection Service

Connect directly to Global Smart Protection Service

Back to top

Smart Feedback

Smart Feedback enables you to participate, share, and leverage Trend Micro’s global database of threat-related intelligence to rapidly identify and defend against potential threats within your unique network environment.

Data collected
  • IP address
  • URL
  • Filename/Path
  • Hostname
  • Suspicious executables and partial file content
Console locationAdministration > System Settings > Smart Feedback
Console settings

Enable Trend Micro Smart Feedback

Enable Trend Micro Smart Feedback

Back to top

Premium
Internal
Rating:
Category:
Configure
Solution Id:
1119900
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.