Configuring Agent Privileges

Procedure

1. Configure settings as required.

   Section	Settings
   Independent Mode	Enable Independent mode: Allows users to disable the following features on the Trend Vision One Endpoint Security agent to prevent the Trend Vision One Endpoint Security agent from adversely affecting system performance: The Trend Vision One Endpoint Security agent does not accept policy settings from the server The Trend Vision One Endpoint Security agent does not initiate scan commands from the server The Trend Vision One Endpoint Security agent does not send logs to the server End users can manually initiate scans and updates on agents in Independent mode.
   Scans	Configure Manual Scan: Allows users to configure the Manual Scan settings on the Trend Vision One Endpoint Security agent console Configure Real-time Scan: Allows users to configure the Real-time Scan settings on the Trend Vision One Endpoint Security agent console Configure Scheduled Scan: Allows users to configure the Scheduled Scan settings on the Trend Vision One Endpoint Security agent console
   Scheduled Scans	Postpone Scheduled Scan: Allows users to postpone a Scheduled Scan before the scan starts or stop a currently running scan for a specified period Note Users can only stop a running scan once. Once the scan restarts, the Trend Vision One Endpoint Security agent rescans all files on the endpoint. Skip and stop Scheduled Scan: Allows users to skip or stop a running Scheduled Scan one time Note Users cannot skip or stop a Scheduled Scan more than one time. Even after a system restart, Scheduled Scan resumes scanning based on the next scheduled time.
   Firewall	Display the Firewall settings on the Security Agent console: Allows users to configure the Firewall settings on the Trend Vision One Endpoint Security agent console Allow users to enable/disable the firewall, Intrusion Detection System, and the firewall violation notification message: Displays the Enable/Disable Firewall and Enable/Disable IDS Mode menu options on the Trend Vision One Endpoint Security agent system tray icon Note The Apex One Firewall protects agents and servers on the network using stateful inspection, high performance network virus scanning, and elimination. If you grant users the privilege to enable or disable the firewall and its features, warn them not to disable the firewall for an extended period of time to avoid exposing the endpoint to intrusions and hacker attacks. Allow Security Agents to send firewall logs to the Apex One server: Configures the Trend Vision One Endpoint Security agent to send Firewall logs to the server, allowing you to analyze network traffic
   Behavior Monitoring	Display the Behavior Monitoring settings on the Security Agent console: Allows users to configure the Behavior Monitoring settings on the Trend Vision One Endpoint Security agent console
   Trusted Program List	Display the Trusted Program List on the Security Agent console: Allows users to configure the Trusted Program List on the Trend Vision One Endpoint Security agent console
   Mail Scan	Display the Mail Scan settings on the Security Agent console: Allows users to configure the Mail Scan settings on the Trend Vision One Endpoint Security agent console If enabled, Real-time Scan can detect and take action on POP3 email messages retrieved from the mail server that contain malicious threats.
   Proxy Settings	Allow users to configure proxy settings: Allows users to use user-configured proxy settings only in the following instances: When Trend Vision One Endpoint Security agents perform "Update Now". When users disable, or the Trend Vision One Endpoint Security agent cannot detect, automatic proxy settings. WARNING Incorrect user-configured proxy settings can cause update problems. Exercise caution when allowing users to configure their own proxy settings.
   Component Updates	Perform "Update Now": Displays the Update Now menu option on the Trend Vision One Endpoint Security agent system tray icon Enable/Disable schedule-based updates: Displays the Enable/Disable Schedule-based Updates menu option on the Trend Vision One Endpoint Security agent system tray icon Note Administrators must first select the Enable schedule-based updates on Security Agents setting on the Other Settings tab before the menu item appears on the Trend Vision One Endpoint Security agent menu.
   Unload and Unlock	The Trend Vision One Endpoint Security agent unloading and unlocking privilege allows users to temporarily stop the Trend Vision One Endpoint Security agent or gain access to advanced web console features with or without a password. Does not require a password Requires a password: Type the required password and confirmation password Note Passwords must meet the following complexity requirements: Length of 8 to 32 characters At least one of each: uppercase (A-Z), lowercase (a-z), numeric (0-9), and special character Cannot contain non-printable ASCII characters Important If you select Requires a password and do not specify a password, Apex Central applies the following default password: For Apex One on-premises: The password provided during server installation For Apex One as a Service: The account name used to provision the console
   Uninstallation	The Trend Vision One Endpoint Security agent uninstallation privilege allows users to uninstall the Trend Vision One Endpoint Security agent program on local endpoints. Does not require a password Requires a password: Type the required password and confirmation password Note Passwords must meet the following complexity requirements: Length of 8 to 32 characters At least one of each: uppercase (A-Z), lowercase (a-z), numeric (0-9), and special character Cannot contain non-printable ASCII characters Important If you select Requires a password and do not specify a password, Apex Central applies the following default password: For Apex One on-premises: The password provided during server installation For Apex One as a Service: The account name used to provision the console