Professional Documents
Culture Documents
6
Applying Latest Patch(es) for OSCE 10.6
To find out the latest patches, refer to http://www.trendmicro.com/download/product.asp?productid=5
Both essentially work the same way, but are ported for different software platforms. Integrated Scan Server The integrated scan server is automatically installed on the OfficeScan server. It can be installed during OfficeScan server installation or at later point. Standalone Scan Server The standalone scan server is recommended to large networks. At this point, this server is only available as a VMWare image that runs CentOS. For more information regarding image compatibility on virtual servers Refer to: http://docs.trendmicro.com/en-us/enterprise/officescan.aspx
2. When opting to use the Integrated scan server, make sure that it is actually installed To verify if the scan server is installed and accessible from a particular desktop, enter the following URL in the desktops browser: https://officescan_host:<port>/tmcss/?LCRC=08000000AC41080092000080C4F01936B21D9104 If the browser returns the following, then the Scan Server is both enabled and accessible.
3. Enable Smart Scan - The Integrated Scan Server is enabled using the following checkbox on the Scan Server screen on the OfficeScan management console.
Before including an Integrated Scan Server in the scan server list, make sure that it is enabled. When using File Reputation functionality with an integrated scan server, make sure that the scan server is enabled before switching scan types. This is an important step because the mechanism for switching from standard scanning to File Reputation does not include automatic verification of scan server functionality. It is, therefore, possible to assign a File Reputation-enabled OfficeScan client to a nonfunctional scan server.
4. Create separate domains for Smart and Conventional clients Upon installation, the default scan mode for the OfficeScan network is called Conventional scan. This uses the traditional schema of using all-local patterns. Administrators can switch OfficeScan clients to Smart Scan. As with other OfficeScan client settings, if the administrator sets this setting at the root of the OfficeScan client tree, this becomes the default scan method, and will affect all future clients, in addition to existing clients that are not already assigned client-specific scan-method settings. Deploy clients in Conventional scan, and then switch them over to Smart scan afterwards. Create OfficeScan domains that have Smart scan enabled by default, and then migrate 5. Schedule Smart Scan Server to update on an hourly basis.
Permissions for Storage and Non-Storage Devices Allow access to USB storage devices, CD/DVD, floppy disks, and network drives. You can grant full access to these devices or limit the level of access. Limiting the level of access brings up Program lists which allows programs on storage devices to have modify, read and execute, read, List device content only and Block permissions. Configure the list of approved USB storage devices. Device Control allows you to block access to all USB storage devices, except those that have been added to the list of approved devices. You can grant full access to the approved devices or limit the level of access. Use default permission for Non-Storage Devices, You can only allow or block access to nonstorage devices. There are no granular or advanced permissions for these devices.
to restore system policy and this has been implemented via the use of TSC.INI file. For more information on how to clean malware remnants and restore security policies, visit
http://esupport.trendmicro.com/Pages/How-to-clean-malware-remnants-and-restore-policies-usingGeneriClean.aspx
Intrusion Defense Firewall is an advanced, host-based intrusion defense system that brings proven network security approaches, including firewall and intrusion detection and prevention, down to individual networked computers and devices. In addition, it can also prevent a malware attack that exploits the vulnerability. More information can be found at http://www.trendmicro.com/download/product.asp?productid=84 1. Login to the OfficeScan Management Console 2. Click Plug-in Manager 3. Under Intrusion Defense Firewall, click Download
Disable Autorun
1. Click on Start then Run 2. Type in GPEDIT.MSC then hit Enter. 3. Go to Local Computer Policy | Administrative Template | System 4. On the right pane, double-click Turn off Autoplay 5. When you are in the properties dialog box, click enabled 6. Choose All drives from the drop-down list underneath. 7. Click on OK.
Run Microsoft Baseline Security Analyzer 2.1 once a Month to check for Unpatched PC
1. Download the tool on the link below http://www.microsoft.com/downloads/details.aspx?FamilyID=F32921AF-9DBE-4DCE889EECF997EB18E9&displaylang=en#Instructions 2. See more information on the link below http://technet.microsoft.com/en-au/security/cc184924.aspx