|
Pattern file has not been updated for a while
|
Security Agent users need to update
components. From the web console, configure component update
settings in , or grant users the privilege to update in
> .
|
|
Real-time Scan Service has been disabled or is not functional
|
If the Real-time Scan Service (Apex One NT RealTime
Scan) has been disabled or becomes non-functional, users must start
the service manually from Microsoft Management Console.
|
|
Real-time Scan was disabled
|
Enable Real-time Scan from the web console ( > ).
|
|
Real-time Scan was disabled and the Security Agent is in Independent mode
|
Users need to disable Independent mode first. After
disabling Independent mode, enable Real-time Scan from the web
console.
|
|
The Security Agent is connected to the network
but appears offline
|
Verify the connection from the
web console () and then check connection verification logs
().
If the Security Agent is still offline after
verification:
-
If the connection status on both the server and Security Agent is offline, check the
network connection.
-
If the connection status on the Security Agent is offline but online
on the server, the server's domain name may have been
changed and the Security Agent connects to the server
using the domain name (if you select domain name during
server installation). Register the Apex One server's domain name to the DNS
or WINS server or add the domain name and IP information
into the "hosts" file in the following folder on the agent
endpoint: <Windows
folder>\system32\drivers\etc
-
If the connection status on the Security Agent is online but offline
on the server, check the Apex One firewall settings. The firewall
may block server-to-agent communication, but allow
agent-to-server communication.
-
If the connection status on the Security Agent is online but offline
on the server, the Security Agent's IP address may have
been changed but its status does not reflect on the server
(for example, when the agent is reloaded). Try to
redeploy the Security Agent.
|
|
Smart protection sources are unavailable
|
Perform these tasks if the
agent loses connection with smart protection sources:
-
On the web console, go to the Endpoint Location screen () and check if the following endpoint location settings have been
configured properly:
-
On the web console, go to the Smart Protection Source screen
() and then perform the following tasks:
-
Check if the Smart Protection Server settings on the
standard or custom list of sources are correct.
-
Test if connection to the servers can be
established.
-
Click Notify All Agents after
configuring the list of sources.
-
Check if the following configuration files on the Smart
Protection Server and Security Agent are synchronized:
-
Open Registry Editor and check if the agent is
connected to the corporate network.
Key:
HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\iCRC
Scan\Scan Server
-
If LocationProfile=1, the Security Agent is connected to
the network and should be able to connect to a Smart
Protection Server.
-
If
LocationProfile=2, the Security Agent is not connected
to the network and should connect to the Smart
Protection Network. From Internet Explorer, check if
the Security Agent endpoint can
browse Internet web pages.
-
Check internal and external proxy settings used
to connect to Smart Protection Network and Smart Protection
Servers.
For more information, see Configuring Internal Agent Proxy Settings and Configuring External Agent Proxy Settings.
-
For conventional scan agents running Windows 7,
Server 2012, and later versions, verify that the tmusa
driver is running. If this driver stops, agents cannot
connect to smart protection sources for web reputation.
|
