Apex One installation & Best practice guide
Privacy Notice
At RAH Infotech, we respect the privacy of our users. This guide includes best practices for
setting up and configuring Trend Micro Apex One On-Premise, which collects and processes
information in order to ensure effective protection against security threats. All data handled
during installation or while using Apex One will be managed in accordance with your
organization's privacy policy and industry regulations.
Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way
intended to represent any real individual, company, product, or event, unless otherwise noted.
Complying with all applicable copyright laws is the responsibility of the user.
All other brand and product names are trademarks or registered trademarks of
their respective companies or organizations.
Table of Contents
INTRODUCTION
Trend Micro Apex One
On-Premises Deployment
Real-World Examples:
TREND MICRO APEX CENTRAL
System Requirement
Scan Method Deployment During Installation
Security Agent
Table Summary
Web Reputation
Behaviour Monitoring
Predictive Machine Learning
Configure Device Control
Enabling Application Control Integration
Enabling Vulnerability Protection Settings
Product: Apex One
The Apex One Server
The Dashboard
Active Directory Integration
INTRODUCTION
On-Premises Deployment
On-premises deployments allow organizations to retain full control over their security
environment, including data management, policy customization, and direct access to threat
response capabilities. This is ideal for organizations with specific compliance needs, such as
those in regulated industries like finance, healthcare, or government.
Real-World Examples:
• Scenario 1: A large financial institution requires Apex One to protect sensitive
customer data, where compliance regulations demand the data never leaves the
organization's premises. Apex One ensures endpoint protection while maintaining
compliance with security regulations like GDPR and HIPAA.
• Scenario 2: A manufacturing company uses Apex One to secure its factory floor
devices, including legacy systems and modern IoT devices. With Apex One, the
organization is able to apply consistent security policies across all types of devices,
from old servers to mobile phones.
TREND MICRO APEX CENTRAL
Apex Central is a security management solution that gives an administrator the ability to control
the enterprise products or appliances from a central location, regardless of the program or the
appliance's physical location or platform. It allows the formulation of effective deployment and
response plans.
Apex Central allows system administrators to monitor and report on activities such as
infections, security violations, or virus entry points.
System administrators can download and deploy components throughout the network, helping
ensure that protection is consistent and up to date.
Apex Central allows both manual and pre-scheduled updates, and the configuration and
administration of products as groups or as individuals for added flexibility.
Policy Management
Policy management allows administrators to enforce product settings on managed products
and endpoints from a single management console. They create a policy by selecting the targets
and configuring a list of product settings.
We can create, manage, and deploy policies for Trend Micro Apex One Antivirus, Data Loss
Prevention, and Device Control, and assign privileges directly to Security Agents from the Apex
Central console.
System Requirement
Operating System Support
The following table outlines the operating system support and migration
availability for the Apex One server.
The following table outlines the database support and migration availability
for the Apex One server.
Conventional Scan
Conventional Scan is the scan method used in all earlier Apex One versions. A
conventional scan agent stores all Apex One components on the agent endpoint and
scans all files locally.
Smart Scan
Smart Scan leverages threat signatures that are stored in the cloud. When in Smart
Scan mode, the Apex One agent first scans for security risks locally. If the agent cannot
determine the risk of the file during the scan, the agent connects to a Smart Protection
Server.
Security Agent
Protect Windows endpoints from security risks by installing the Security Agent on each
endpoint.
Security Agents report to the server from which they were installed. They send event information
such as threat detection, Security Agent startup, Security Agent shutdown, start of a scan, and
completion of an update to the server in real time.
The following table lists the policy configurations available in Apex Central.
4. On targets select Manage Targets and select target Apex One agents.
Scan Types:
Apex One provides the following scan types to protect Security Agent computers from security
risks:
• Real-time Scan: Automatically scans a file on the endpoint as it is received, opened, downloaded,
copied, or modified
• Manual Scan: A user-initiated scan that scans a file or a set of files requested by the user
• Scheduled Scan: Automatically scans files on the endpoint based on the schedule configured by the
administrator or end user
• Scan Now: An administrator-initiated scan that scans files on one or several target computers
Scheduled Scan
Scheduled Scan runs automatically on the appointed date and time. Use Scheduled Scan to
automate routine scans on the agent and improve scan management efficiency.
Scan Now
Scan Now is initiated remotely by administrators through the web console and can be targeted
to one or several Security Agent endpoints.
Table Summary
Scans | Real-time Scan | Manual Scan | Scheduled Scan | Scan Now
Files to scan | All Scannable | All Scannable | All Scannable | All Scannable
Scan hidden folders ✓
Enable IntelliTrap ✓
Web Reputation
Web reputation technology tracks the credibility of web domains by assigning a reputation
score based on factors such as a website's age, historical location changes, and indications of
suspicious activities discovered through malware behaviour analysis.
Trend Micro continually analyses websites and updates web reputation scores to prevent users
from accessing potentially malicious content.
Web Reputation allows you to add websites that you consider safe or dangerous to Approved or
Blocked lists.
Behaviour Monitoring
Behaviour Monitoring constantly monitors endpoints for unusual modifications to the operating
system or on installed software. Behaviour Monitoring protects endpoints through Malware
Behaviour Blocking and Event Monitoring.
4. On targets select Manage Targets and select target Apex One agents.
Configure Application Control criteria that you can then assign to Security Agent policy rules.
You can create "Allow" and "Block" criteria to limit the applications that users can execute or
install on protected endpoints.
4. On targets select Manage Targets and select target Apex One agents.
4. On targets select Manage Targets and select target Apex One agents.
7. Under the Intrusion Prevention Rules tab, go to Mode or Profile and choose between
Recommended/Aggressive.
• Downloads most of the components needed by agents. The Apex One server downloads
components from the Trend Micro Active Update server and then distributes them to agents.
The Dashboard
The Dashboard appears when you open the Apex One web console or click Dashboard in the
main menu.
Each web console user account has a completely independent dashboard. Any changes to a
user account’s dashboard will not affect the dashboards of the other user accounts.
• Widgets
• Tabs
Apex One Agent Tree Icon
The Apex One agent tree icons provide visual hints that indicate the type of endpoint and the
status of Security Agents that Apex One manages.
Apex One Agent