Views:

Enroll your Standard Endpoint Protection and Server & Workload Protection instances in version control policies to centralize management of agent and component updates.

Important
Important
  • Version Control Policies is a ”Pre-release" sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release Sub-feature Disclaimer before using the sub-feature. There is no additional charge for pre-release sub-features before official release. We will notify you at least 30 days before official release or any upcoming charge. If you want to stop using one or more pre-release sub-features, you can opt out at any time before official release from Platform Directory.
  • This feature is not available in all regions.
  • Version control policies only support endpoints with the Trend Vision One Endpoint Security agent version 202412 or later installed.
  • Version control policies only support endpoints with the Trend Vision One Endpoint Security agent installed.
Version control policies automatically manage agent and component updates for the Trend Vision One Endpoint Security agent. Updates for endpoint protection components are managed based on the enrollment status of your Protection Managers. The table below details what version control policies manages:

Solution
Trend Vision One Endpoint Security agent components
Endpoint protection components (patterns, engines)
Trend Micro agents reporting to Trend Vision One Endpoint Inventory
Yes
No
Standard Endpoint Protection Managers - enrolled in version control policies
Yes
Yes
Standard Endpoint Protection Managers - not enrolled in version control policies
Yes
No
Server & Workload Protection Managers - enrolled in version control policies
Yes
Yes
Server & Workload Protection Managers - not enrolled in version control policies
Yes
No
For connected endpoint protection solutions (for example, Apex One as a Service or Trend Cloud One Endpoint & Workload Protection), the version control policies only apply to endpoints that report to Trend Vision One Endpoint Inventory (endpoints with the Trend Vision One Endpoint Security agent installed). The connected endpoint protection servers apply their own components policies to manage all other components.
To manage endpoint protection updates for Standard Endpoint Protection and Server & Workload Protection, you must enroll your Protection Manager instances. To enroll your Protection Manager instances, click the settings icon (gear_icon=fc9a51ad-35af-4fe3-92c6-5e41b2dfc5d9.png) and select Protection Manager enrollment.
Note
Note
You can still assign endpoint groups to version control policies even if the Protection Manager instance is not enrolled.
When enrolling, please note the following:
  • Version control policies only support Trend Vision One Endpoint Security agent version 202412 and later.
  • Version control policies cannot manage endpoints which do not have the Trend Vision One Endpoint Security agent installed. For more information, see What is an unmanaged endpoint?.
    To download and install the Trend Vision One Endpoint Security agent package, see Deploy Agents.
  • Deploy a Service Gateway with the ActiveUpdate and Generic Caching Service services enabled.
    The Service Gateway provides local proxy and ActiveUpdate services for endpoint agents. Additionally, the Generic Caching Service helps simplify your environment by replacing the Update Agents feature for Standard Endpoint Protection and the Relays feature for Server & Workload Protection. For more information about Service Gateways, see Service Gateway Management.
    Important
    Important
    The Generic Caching Service is a pre-release feature not supported in all regions and might not appear in your list of Service Gateway services. To access the service, please contact your sales representative.
  • Policy settings override any settings in the Protection Manager. This includes version control and pausing, resuming, or disabling updates.
  • The component update schedule is configured in the Protection Manager.