Worry-Free Business Security Services provides a Client/Server Security Agent (CSA) Console for end-user management. Topics discussed in this chapter include:
• The Client/Server Security Agent Console
• Manual Scan
• Scan Settings
• Security Protection for Web Reputation, Firewall, Mail Scan, and Behavior Monitoring
• Log Report
• Help
The Client/Server Security Agent Console
When administrators give permission to user groups to configure their security settings, users can do so using the CSA Console.
To use the CSA Console:
1. In the System Tray, double-click the Client-Server Security Agent icon. OR
2. In the Start menu, select Programs > Trend Micro Server Security Agent > Client-Server Security Agent. The CSA Console displays, with the Status tab selected by default.
76
Figure 91. CSA Console
3. Users can use the CSA tabs, menus, and buttons to perform a range of tasks including the following:
• Status. View the security status of the client computer for all security settings and updates, as well as get the latest update.
• Scan. Specify settings for Manual Scan, Real-Time Scan, and Scheduled Scan;
execute a Manual Scan on specified Directories/Folders; view scan results; and set CPU usage allowed to Low, Medium, or High.
• Security Protection. Add URLs to Approve (Web Reputation); enable the Firewall, the Intrusion Detection System, and be notified when a Firewall violation occurs;
Enable Real-time scan of POP3 Mail Scan and determine the Action to take on infected or uncleanable files; and enable Behavior Monitoring, add programs to the Exception list, and specify folders under protection for Intuit™ Protection
(QuickBooks).
• Log Report. View logs for Viruses/Malware, the Firewall, Spyware/Grayware, and Web Reputation, Behavior Monitoring, and URL Filtering for a specified date range;
automatically delete logs older than a specified number of days.
• Help. Obtain various forms of help and information including product details, technical support, and virus information.
Manual Scan
To execute a Manual Scan:
1. Launch the CSA Console by double-clicking the CSA icon in the System Tray. The console appears, with the Status tab preselected.
2. Click the Scan tab. The Scan screen appears.
Figure 92. Scan
3. In the Scan window, check the disk(s) you want to scan and click Scan. While the scan executes, the Scanning window displays, with a progress indicator in the Security Protection Status panel. The Current target read-out shows you the current target of the scan and the Elapsed time read-out shows you the time elapsed since the beginning of the scan. You can Pause or Stop the scan by clicking the respective button.
78
Figure 93. Scanning
4. When the Scan completes, the Scan Summary and Scan Results panels show the results of the scan.
Figure 94. Manual Scan Summary / Results
5. In the Scan Summary area, view the results of the scan, including Infected files/registry logs, Files/registry logs scanned, Last threat found, and Threats cleaned.
6. In the Scan Results area, view the list of the File/registry keys found, the type of threat it is, the name of the Threat, and the Result of the scan (e.g., Quarantined). Adjust the size of the table columns by clicking and dragging the separators.
7. Depending on the type of threat found and the results of the scan, you can use the various buttons to perform certain tasks:
• Clear List. Clear the list of results.
• More Info. Get more information on the selected Security Risk. The button takes you to the Trend Micro Virus Encyclopedia.
• Clean. Clean the infected file.
• Delete. Delete the infected file.
• Rename. Rename the infected file.
• Help. Get help on using the Scan Screen.
8. Click Close to close the Scan Screen.
Scan Settings
You can set scan settings for Manual, Real-Time, and Scheduled Scans.
To set Manual Scan settings:
1. In the Scan window, click the Scan Settings button. The Manual Scan settings screen appears by default.
Figure 95. Manual Scan Settings
80
3. For Files to Scan, check the respective checkbox among the following options:
• All scannable files
• File type scanned by IntelliScan
• Files with certain extensions. Click the Edit button to edit the Extensions to scan.
• Enable scan exclusion. Click the Edit button to edit the Exclusions list.
4. For Scan Settings, check the respective checkbox among the following options:
• Scan hidden folders
• Scan network drive
• Scan compressed files. Specify the maximum layers to scan.
5. For CPU Usage, check High, Medium, or Low to set the threshold. The High setting, chosen by default, takes the shortest time to scan, but uses the most CPU. Medium (~50%) and Low (~20%) determine the amount of CPU usage above which the scan is paused.
6. For other Scan Settings, check the respective checkbox among the following options:
• Scan boot area
• Enable IntelliTrap
7. For Scan Action, check the respective checkbox among the following options:
• ActiveAction
• Custom Action. Click the Edit button to edit the Custom Action
• Backup files before cleaning.
8. Click OK to save your changes.
To set Real-time Scan settings:
1. In the Scan Settings window, select the Real-time Scan tab. The Real-time Scan settings screen appears.
Figure 96. Real-time Scan Settings
2. In the central dropdown menu, choose Virus/Malware Scan or Spyware/Grayware Scan.
3. For Files to Scan, check the respective checkbox among the following options:
• All scannable files
• File type scanned by IntelliScan
• Files with certain extensions. Click the Edit button to edit the Extensions to scan.
• Enable scan exclusion. Click the Edit button to edit the Exclusions list.
4. For Scan Condition, check the respective checkbox among the following options:
• Scan files being created, modified, or retrieved
• Scan files being retrieved
• Scan files being created or modified
5. For Scan Setting, check Scan compressed files if you wish, then designate the maximum layers to scan for using the pull-down menu
6. For Scan Action, check the respective checkbox among the following options:
• ActiveAction
82
7. For Scan Settings, check the respective checkbox among the following options:
• Scan floppy disk at shutdown
• Scan network drive
• Enable IntelliTrap
8. If you want a notification, check Display a notification message when virus/malware is detected.
9. Click OK to save your settings.
To set Scheduled Scan settings:
1. In the Scan Settings window, click the Scheduled Scan tab. The Scheduled Scan settings screen appears.
Figure 97. Scheduled Scan Settings
2. In the central dropdown menu, choose Virus/Malware Scan or Spyware/Grayware Scan.
3. For Schedule Frequency, choose among the following options from the dropdown menu:
• None
• Daily
• Weekly
• Monthly
4. Specify the Time for the scan by hour and time of day (am or pm) 5. Specify the day of the month
6. For File to Scan, check the respective checkbox among the following options:
• All scannable files
• File type scanned by IntelliScan
• Files with certain extensions. Click the Edit button to edit the Extensions to scan.
• Enable scan exclusion. Click the Edit button to edit the Exclusions list.
10. For Scan Setting, check Scan Compressed Files and designate the maximum number of layers to scan for by using the dropdown menu
11. Designate the CPU Usage to be used for the scan by High, Medium, or Low.
12. For Scan Action, specify among the following options:
• ActiveAction: CSA will utilize the default Trend Micro-recommended actions
• Custom Action: Click the Edit button to edit the actions to be taken
• Backup files before cleaning
• Display a notification message when virus/malware is detected
13. For Scan Settings, check the respective checkbox among the following options:
• Scan boot area
• Enable IntelliTrap
14. Click OK to save your changes.
Security Protection
In the main CSA Console, you click the Security Protection tab to set various options for Web Reputation, the Firewall, the POP3 Mail Scan, and Behavior Monitoring.
Web Reputation
To add or delete URLs to approve:
1. To access the Web Reputation window, click the Security Protection tab. The Web Reputation option is chosen by default from the pull-down menu.
84
Figure 98. Web Reputation
2. To add an approved URL, type in the address of the URL you wish to approve in the URLs to Approve window, then click Add.
3. To delete an approved URL, select the address of the URL you wish to delete in the Approved URLs window, then click Delete.
4. Click Apply to apply your changes.
Firewall
To change the Settings for the Firewall:
1. Select the Firewall item in the pull-down menu. The Firewall settings display.
Figure 99. Firewall
2. Choose among the following options by checking the appropriate checkbox.
• Enable the Firewall
• Enable Intrusion Detection System (IDS)* (IDS will be enabled on all network cards.)
• Notify me when a firewall violation occurs
3. Select Network cards from the list, then click Details to get details on the settings for that card.
Figure 100. Security Level and Exception Rule List Edit
4. Back in the main screen, click Apply to apply any changes to your settings.
86
Mail Scan
To edit settings for Mail Scan:
1. Select Mail Scan from the drop-down menu. The Mail Scan screen displays.
Figure 101. Mail Scan
2. Check Enable real-time scan for POP3 email messages checkbox to enable the POP3 Mail Scan.
3. Check Enable Trend Micro Anti-Spam toolbar to enable the toolbar in your default POP3 email program.
4. Change the Scan Action for the following options by selecting it from the dropdown menus:
• Action on Infected files. Pass, Clean, or Delete.
• Action on Uncleanable files. Pass or Delete.
5. Check the Clean infected compressed files checkbox to clean infected compressed files.
6. Click Apply to apply your changes. A dialog will appear, asking Are you sure you want to apply this setting?
7. Click Yes. The setting changes are applied.
Trend Micro Anti-Spam Toolbar
When you enable the Trend Micro Anti-Spam Toolbar, it appears in your default POP3 email program. In the example below, the POP3 client used is Windows Mail.
To Apply the Anti-Spam Toolbar functions:
1. Open your POP3 email program. The Trend Micro Anti-Spam Toolbar will be displayed.
2. To report a message as spam: Select the email you wish to report as spam and click the Spam button. Future emails of this type will be reported as spam and the spam email is moved into your Spam Email folder.
Figure 102. Report a Message as Spam
3. To report a message incorrectly detected as spam: Select the email you wish to report incorrectly detected as spam and click the Not Spam button. The message will be moved out of the Spam Email folder.
88
Figure 103. Report a Message Incorrectly Detected as Spam
4. To report a message as fraud: Select the fraudulent email you wish to report as fraud (e.g., a phishing email) and click the Fraud button. The message will be reported as fraud.
Figure 104. Report Message as Fraud
To Adjust the Anti-Spam Settings in the Trend Micro Anti-Spam Toolbar:
Figure 105. Anti-Spam Toolbar > Settings
1. In the Trend Micro Anti-Spam Toolbar drop-down menu, select Settings. The Settings screen appears, with the Spam Filter tab and Medium Spam Email Filter Strength selected by default.
Figure 106. Spam Filter
2. Choose among the following options for Spam Email Filter Strength:
• High. Detects almost all spam and fraudulent messages, but may misidentify some legitimate mail as spam.
90
• Low. Detects only the most obvious spam and fraudulent messages, with only a slight chance of misidentifying legitimate mail as spam.
3. Check/uncheck the Trend Micro Online Filtering Service. This option, selected by default, submits anonymous data to the Trend Micro Online Filtering Service to double-check incoming messages for spam.
4. Click OK to save your changes.
To Activate the Link Filter:
1. Select the Link Filter tab to activate the link filter. The Activate Link Filter screen appears.
Figure 107. Link Filter
2. Check the Activate Link Filter checkbox to activate the link filter. This feature checks addresses of websites (URLs) in the email you receive against an online database.
Messages containing hyperlinks that pose a security risk will be moved into the spam folder.
3. Choose among the following options for Filtration Strength:
• High. Intercept all messages containing links to any sites with a poor reputation (such as a history of spamming), and those that would definitely cause harm, deliver undesirable downloads, or seem associated with online fraud.
• Medium. Find messages containing links to websites that would definitely cause harm, deliver undesirable downloads, or seem associated with online fraud.
• Low. Only catch messages containing links to websites that would definitely cause harm.
4. Click OK to save your changes.
To Add/Edit/Remove Approved Senders:
1. Select the Approved Senders tab to add, edit, or remove approved senders to a list. The Approved Senders screen appears.
Figure 108. Approved Senders
2. Click Add to add an approved sender. The Add approved senders dialog appears.
3. Type the email address of the approved sender and an optional sender name and click OK. The approved sender is added to the list.
4. You may also click Update from contacts to update your list using the Contacts database in your email client. The list is automatically updated from the Contacts database.
5. Notice the checkbox Whenever you send email, add the address to the list of Approved Senders automatically. It is selected by default. Deselect to not add the recipient automatically.
6. Click OK to save your changes.
To Add/Edit/Remove Blocked Senders:
1. Click the Blocked Sender tab. The Blocked Senders window appears.
92
Figure 109. Blocked Senders
2. Use the same method to add, edit, or remove blocked senders from the list as you did for approved senders.
3. Click OK to save your changes.
To Block Messages in Specific Languages:
1. Click the Blocked Languages tab. The Blocked Languages screen appears.
Figure 110. Blocked Languages
2. Check the checkbox for the language(s) of messages you wish to block, or use Select All to select every language in the list. You may also deselect the whole or part of the list by clicking Clear All.
3. Click OK to save your changes.
94
To Set Advanced Settings:
1. Select the Advanced tab. The Advanced settings screen appears.
Figure 111. Advanced Settings
2. Check each checkbox in turn to activate the following options:
• Notifications. Enable the system tray icon to show when adding a new message to the Spam Mail folder.
• Spam Mail Folder. Move filter spam messages to the Deleted items folder.
o After [x] days. Type in the number of days the spam messages will be retained in the Spam Mail Folder before they are moved to the Deleted Items folder.
o Move Filtered Spam Now. Click to move the filtered spam on demand.
• Deleted Items Folder. Permanently remove filtered spam messages from the Deleted Items folder when the mail program closes.
3. Click OK to save your changes.
To Obtain Spam Statistics:
Figure 112. Anti-Spam Toolbar > Statistics
1. Select Statistics from the TrendProtect Toolbar. The Statistics window appears.
Figure 113. Spam-related Statistics
2. The Summary provides useful statistics such as how long the toobar has been running, the total number of messages processed, the number of spam messages detected by the Warning Toolbar, the number of spam messages the user reported, and the number legitimate messages misidentified as spam. You also get percentage data on the spam detection rate and the legitimate message misidentification rate.
3. Click Ok to close the window.
96
To Obtain Updates to the Anti-Spam Toolbar:
Figure 114. Anti-Spam Toolbar > Updates
1. Select Updates in the Anti-Spam Toolbar drop-down menu. The Updates screen appears.
Figure 115. Updates
2. Click Update Now to do an update on-demand.
3. Adjust the following options:
Automatic Updates.
• The Anti-Spam Toolbar is set by default to check for updates once every hour.
Uncheck this to disable automatic updates.
• Using the drop-down menu, select the preferred interval for automatic updates.
Notifications.
• Select Notify you before an update starts to get a pre-update notification.
• Select Do NOT notify you before an update starts. This is the default setting; select the previous setting to disable.
4. Click Proxy Settings to set up a proxy to receive notifications.
5. Click OK to save your changes.
To Help fight spam:
Figure 116. Help Fight Spam
1. Select Help fight spam! from the drop-down menu. The World Tracking Center screen appears.
Figure 117. World Tracking Center
2. By default, the Trend Micro Anti-Spam Toolbar automatically sends anonymous spam detection information to Trend Micro.
3. Click No, I don’t want to participate to disable the automatic feedback system.
98
To obtain Help using the Trend Micro Anti-Spam Toolbar:
Figure 118. Help
1. Select Help from the drop-down menu. The Trend Micro Anti-Spam Toolbar Help screen displays.
Figure 119. Trend Micro Anti-Spam Toolbar Help
2. Use the Contents tab to browse the Help system, the Index tab to read the index, or the Search tab to conduct a search by keyword.
To obtain information about the Trend Micro Anti-Spam Toolbar:
Figure 120. About
3. Select About from the drop-down menu. The Product Information dialog displays.
Figure 121. Product Information 4. Click OK to close the dialog.
100
To disable the Trend Micro Anti-Spam Toolbar:
Figure 122. Disable This Toolbar
1. Finally, you may also disable the Anti-Spam Toolbar by selecting Disable this toolbar from the toolbar menu.
2. The item acts as a toggle. To re-enable the toolbar, simply select Enable this toolbar in the same location of the drop-down menu.
TrendSecure Toolbars
To install the TrendSecure Toolbars:
1. Select TrendSecure Toolbars from the drop-down menu. The TrendSecure Toolbars screen displays.
Figure 123. TrendSecure Toolbars
2. For each toolbar, click Install to install the TrendProtect (Page Ratings) or Transaction Protector (Wi-Fi Advisor) toolbar. The Installation Wizard opens.
3. Follow the on-screen instructions to install the toolbar(s).
Using TrendProtect
TrendProtect, when installed, adds a button to your browser that warns you about malicious and Phishing Web sites by checking the Trend Micro database. TrendProtect rates the Web sites you visit into one of the two categories:
Dangerous. Red means the Web site is dangerous. Trend Micro recommends you to exercise caution while using this Web site.
Safe. Green means the Web site is safe.
Using Transaction Protector
Transaction Protector provides wireless safety information through the color of the toolbar button. It can also list the wireless networks available in your area and their safety ratings,
102
Toolbar Status
The following table describes the different statuses of Transaction Protector and what each status means.
Table 18: Transaction Protector Toolbar Status
Status Definition
Green denotes a safe connection.
Yellow denotes a connection to an open network whose safety is uncertain.
Grey denotes you are not connected to a network.
Red denotes a dangerous connection. Trend Micro
recommends you to switch to an alternate network or if this is not possible, avoid any secure transactions on this network.
Note: The signal strength is updated every 30 seconds and the speed of the connection indicates the maximum connection speed and NOT the current speed.
The following table describes the different statuses of TrendProtect and what each status
The following table describes the different statuses of TrendProtect and what each status