Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

InterScan Messaging Security Suite (IMSS) 7.5 Windows Data Collection Notice

    • Updated:
    • 2 Aug 2018
    • Product/Version:
    • InterScan Messaging Security Suite 7.5 Windows
    • Platform:
    • N/A N/A
Summary

IMSS 7.5 Windows includes the following modules that may cause the corresponding data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the data collection by disabling specific modules. Each of these modules can be disabled as shown below.

Details
Public

Web Reputation

IMSS leverages Trend Micro Web Reputation Services to scan URLs to detect malicious URLs based on their reputation scores or categories.

 
Disabling Web Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of IMSS to detect malicious URLs.
Data collected
  • URLs in email bodies
Console locationPolicy > Policy List > Antispam Rule Name > And scanning conditions match > Edit
Console settings
  • Web Reputation settings

web reputation

Back to top

IntelliTrap

IntelliTrap provides heuristic evaluation of compressed files that helps reduce the risk that a virus in a compressed file will enter your network through email.
By default, this feature is disabled.

Data collected
  • Message attachments containing compressed executable files
Console locationPolicy > Policy List > Antivirus Rule Name > And scanning conditions match > Edit
Console settings
  • Send the IntelliTrap samples to TrendLab

intellitrap

Back to top

Email Reputation

IMSS leverages Trend Micro Email Reputation Services to verify IP addresses of email messages using one of the world's largest, most trusted reputation database, along with a dynamic reputation database to identify new spam and phishing sources, stopping even zombies and botnets as they first emerge.

 
Disabling Email Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of IMSS to detect and block spam from known and emerging spam sources.
Data collected
  • Connected IP address of email messages
Console locationIP Filtering > Overview
Console settings
  • Enable IP Filtering
  • Email reputation

email reputation

Back to top

Trend Micro Control Manager Integration

Trend Micro Control Manager is a software management solution that gives you the ability to control antivirus and content security programs from a central location regardless of the program’s physical location or platform. This application can simplify the administration of a corporate virus and content security policy.
IMSS synchronizes various log messages such as virus, spam, Web Reputation, content filtering logs to Control Manager.

 
Disabling MCP Agent prevents the mentioned data from being sent to Trend Micro Control Manager, but severely affects the ability of IMSS to detect threats.
Data collected
  • Email headers
  • Subjects
  • URLs in email bodies
Console locationAdministration > IMSS Configuration > Connections > TMCM Server
Console settings
  • Enable MCP Agent

TMCM integration

Back to top

Smart Feedback

Smart Feedback shares anonymous threat information with the Smart Protection Network, allowing Trend Micro to rapidly identify and address new threats.

 
Disabling Smart Feedback prevents the mentioned data from being sent to Trend Micro, but affects the ability of IMSS to rapidly identify and address new spam.
Data collected
  • Email headers
  • Subjects
  • Email message content
Console location and settings
 
This feature cannot be disabled on the IMSS management console.

To disable this feature, perform the following steps:

  1. Open the install_dir\Trend Micro\IMSS\config\imss.ini file.
  2. Find or add the tmfbe section and set tmfbe_level=0:

    [tmfbe]
    tmfbe_level=0

  3. Restart the IMSS scan service.

Back to top

Deep Discovery Advisor Configuration

Deep Discovery Advisor is a separately licensed product that provides unique security visibility based on Trend Micro’s proprietary threat analysis and recommendation engines. IMSS integrates with the Virtual Analyzer in Deep Discovery Advisor. IMSS sends suspicious messages, including attachments, to Virtual Analyzer for further analysis.

 
Disabling Deep Discovery Advisor prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of IMSS to detect advanced malware in files.
Data collected
  • Suspicious applications and executable files
  • Suspicious scripts
  • Suspicious documents with macro
  • Other suspicious files from Trend Micro Advanced Threat Scan Engine
Console locationAdministration > IMSS Configuration > Deep Discovery Advisor Configuration
Console settings
  • Send messages to Deep Discovery Advisor for analysis

DDA config

Back to top

Premium
Internal
Rating:
Category:
Configure
Solution Id:
1120529
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.