Enable Enhanced Protection | Trend Micro Service Central

Views:

Trend Micro recommends enabling ransomware and network attack protection on all Security Agents.

The following table outlines the Trend Micro Apex One web console features enabled for each setting.

Setting

Web Console Location

Features

Protect against ransomware

Agents → Agent Management > Settings → Behavior Monitoring Settings → Rules → Malware Behavior Blocking section

Enable Malware Behavior Blocking
- Threats to block: Known and potential threats
Protect documents against unauthorized encryption or modification
Enable program inspection to detect and block compromised executable files

Important

Enabling Protect against ransomware does not automatically enable the Unauthorized Change Prevention Service. If you disabled the service, you must manually enable the Unauthorized Change Prevention Service before Security Agents can protect against ransomware attacks.

Protect against network attacks

Agents → Agent Management > Settings → Additional Service Settings → Suspicious Connection Service section

Enables the Suspicious Connection Service on Windows desktops

Agents → Agent Management > Settings → Suspicious Connection Settings

Detect network connections made to addresses in the Global C&C IP list: Block
Detect connections using malware network fingerprinting: Block