<> Trend Micro, Inc. June 4, 2004 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Control Manager 3.0 GM Build- 1417 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents =================================================================== 1. About Trend Micro Control Manager 1.1 About Trend Micro Damage Cleanup Services 1.2 About Trend Micro Vulnerability Assessment 2. What's New 2.1 Major Bug Fixes 2.2 Pattern File Numbering System 2.3 Damage Cleanup Services features and benefits 2.4 Vulnerability Assessment features and benefits 3. Document Set 4. Recommended System Requirements 5. Installation 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Contact Information 10. About Trend Micro 11. License Agreement =================================================================== 1. About Trend Micro Control Manager ======================================================================== Control Manager is a multi-tiered security management solution that gives an administrator the ability to control antivirus and content security software or appliances from a central location -- regardless of the program or the appliance's physical location or platform. This application simplifies the administration of a corporate virus and content security policy. It allows you to interface with the Trend Micro Outbreak Prevention Services(tm) (OPS) and Damage Cleanup Services(tm) (DCS) that address the management of virus lifecycle particularly during virus outbreaks. With OPS/DCS, Control Manager provides you with answers to the following key network security questions: - Am I under attack? - Can my system handle the attack? - How should I respond to the attack? - Where are the damages? - How can I repair my system? 1.1 About Trend Micro Damage Cleanup Services ======================================================================== Damage Cleanup Services is a comprehensive service that helps assess and repair(Cleanup)system damages without installing software on client systems. Damage Cleanup Services can remotely assess and repair system damages on Microsoft Windows NT 4 Server and Workstation with Service Pack 6 or later, Windows 2000 Server and Advanced Server, Windows XP Professional, and Windows 2003 Standard Server and Enterprise Server from the Control Manager management console. 1.2 About Trend Micro Vulnerability Assessment ======================================================================== Vulnerability Assessment provides system administrators or other network security personnel with the ability to assesses security risks to their networks. The information they generate by using Vulnerability Assessment gives them a clear guide as to how to resolve known vulnerabilities and secure their networks. 2. What's New ======================================================================== Trend Micro Control Manager 3.0 represents a significant advance in antivirus and content security products monitoring and management software. Architectural improvements in Control Manager 3.0 make Control Manager more flexible and scalable than ever before. The following new features are available in version 3.0: * Standard and Enterprise editions * Control of multiple Control Manager servers from a single management console * Agent-free Damage Cleanup Services * System vulnerability scanning using Vulnerability Assessment * MSDE 2000 support for Control Manager database * Support for Trend Micro Online Registration system * Support for activation code * Secure Sockets Layer (SSL) support management console and ActiveUpdate * Enhanced Update Manager options * New report templates to support Trend Micro InterScan Messaging Security Suite and OfficeScan Corporate Edition information * New Event Center events * Support for MSN Messenger(TM) notification * Latest component version update via TrendLabs Message Board 2.1 Major Bug Fixes ===================================================================== 1. Supports AS400, OS390, Linux and AIX Engine duplicate function for ScanMail for Lotus Notes. 2. ActiveX(TM) reports can be purged as expected. 3. If the scheduled download start time is set to "00:00", the scheduled download no longer occurs an hour earlier. 4. Reports Run Now function correctly sends report attachments. 5. Control Manager can correctly deploy engine updates to SMEX 3.81 and 6.0 via TVCS 1.8x agents. 6. The German version of OfficeScan can successfully upload component packages to the Control Manager server. 7. Control Manager can successfully deploy the NTKD scan engine to the OfficeScan Corporate Edition 5.5 server when the VxD scan engine is up-to-date. 8. The Control Manager console correctly displays TVCS agent scan engine counts displayed on Home/Component Status. 2.2 Pattern file numbering system ===================================================================== Trend Micro Control Manager makes use of a new pattern file numbering format: n.nnn.nn. Under this system, the first 4 digits represent the pattern file number and the last two digits represent the file's build or controlled release version. Under the new system, pattern file 628, released in 2003, is displayed as 1.628.00. This new format has no impact on the product's other virus scanning functions or on the functionality of other Trend Micro products still using the old format. Versions 2.5 and lower of Trend Micro Control Manager will still recognize and display pattern file numbers using the older 3-digit format. 2.3 Damage Cleanup Services features and benefits ===================================================================== * Damage assessment reports: Damage Cleanup Services offers the ability to generate and view damage assessment reports using the latest damage cleanup engine and damage cleanup template This information is vital to ensure optimal system performance, especially after an outbreak occurs. * Regular and scheduled tasks: use Damage Cleanup Services to create regular and scheduled tasks These tasks provide central reporting back to the Control Manager server. The following two centralized management actions are available when performing tasks: * Assessment only: assessment on machines with possible virus remnants still in the network * Cleanup: assessment and cleanup including removal of virus remnants that could re-attack a network * Remote deployment: create and perform scheduled damage assessment and cleanup tasks from the Control Manager management console. * Seamless integration with other Control Manager services: Damage Cleanup Services is easy to integrate with other Control Manager services such as Outbreak Prevention Services In the event of an outbreak, Control Manager can prompt Damage Cleanup Services to assess and cleanup existing managed products under the Product Directory with minimal intervention. This prevents additional damage and saves time. 2.4 Vulnerability Assessment features and benefits ===================================================================== * Centralized assessment reporting: Vulnerability Assessment uses the latest Vulnerability Assessment Engine (VAE) and Vulnerability Assessment pattern file (VAP) to generate in depth assessment reports. The reports are available by accessing the Control Manager Web console. * Regular and scheduled assessment task creation: use Vulnerability Assessment to create regular and scheduled assessment tasks; regular assessment tasks are performed on demand, whereas scheduled assessment tasks are performed based on a specific schedule * Assessment Tasks are easy to create and require very low maintenance. Once created, tasks can be quickly edited to meet administrator needs. * Remote assessment task deployment: use the Control Manager Web console to deploy assessment and enforcement tasks without installing any software on client machines; this feature helps minimize the amount of work for administrators * Seamless integration with other Control Manager services: Vulnerability Assessment is easy to integrate with other Control Manager services such as Outbreak Prevention Services, Damage Cleanup Services, and Network VirusWall 1200 * Flexible update methods: download the latest virus assessment engine/pattern updates with or without user intervention; scheduled updates provide both flexibility and peace of mind * Real-time task monitoring: view the status of assessment tasks through the Control Manager Web console whenever there is a need for it. This feature is quite useful to visually verify that Vulnerability Assessment is working properly. * Hassle-free machine selection: Specify a range of IP addresses or a domain to select the target machines Vulnerability Assessment will deploy to; this effective approach will save you time when deploying Vulnerability Assessment to a large network 3. Document Set ======================================================================== The documentation set for this product includes: Readme.txt -- version enhancements, basic installation, known issues, release history Online help -- Context-sensitive help screens that provide guidance for performing a task Getting Started Guide -- product overview, installation planning, installation and configuration instructions, and basic information intended to get you "up and running" Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://kb.trendmicro.com/solutions/ 4. Minimum System Requirements ======================================================================== The Control Manager server and agent require the followings on the machines where they are installed: 4.1 Hardware Requirements ~~~~~~~~~~~~~~~~~~~~~~~~~ Server ====== CPU Intel(tm) Pentium(tm) III Processor 450MHz or higher RAM 256MB RAM Disk Space 300MB for Control Manager Standard Edition 350MB for Control Manager Enterprise Edition 300MB for MSDE 2000 (Optional) Agent ====== Please refer to the managed product documentation for detailed information. 4.2 Software Requirements ~~~~~~~~~~~~~~~~~~~~~~~~~ Server ====== Operating system Microsoft(tm) Windows NT(tm) 4 with Service Pack 6a, Microsoft Windows 2000 Server / Advanced Server with Service Pack 3, Microsoft Windows Server 2003 Standard Edition / Enterprise Edition Web server Microsoft Internet Information Server (IIS) 4.0 or higher Database Any of the following: Microsoft Data Engine (MSDE) 1.0 / 2000 (2000 + SP3 is recommended), Microsoft SQL Server 7.0, Microsoft SQL Server 2000 (2000 + SP3 is recommended) Others SQL ODBC driver 3.7 or higher Windows Installer (included in Control Manager package) Agent ====== Refer to the below URL to get newest supported agents by Control Manager: http://www.trendmicro.com/en/products/management/tmcm/evaluate/ requirements.htm Management console ================== Browser Microsoft Internet Explorer 5.5 with SP2 or higher Java VM Microsoft Version 5.0.0.3805 or higher Supported Clients* ================== Operating system Microsoft(tm) Windows NT(tm) 4 with Service Pack 6a Microsoft Windows 2000 Professional with Service Pack 3 Microsoft Windows 2000 Server / Advanced Server with Service Pack 3 Microsoft Windows XP Professional Microsoft Windows Server 2003 Standard Edition / Enterprise Edition * For Damage Cleanup Services, and Vulnerability Assessment 5. Installation ======================================================================== Installing Control Manager requires performing the following steps: Step 1: Accept the license agreement and activate the product and services Step 2: Specify Control Manager server file location and communications settings Step 3: Choose and configure database information Step 4: Set up root account and configure proxy server Step 5: Configure notification settings Trend Micro recommends installing Control Manager 3.0 on a separate server, rather than upgrading Trend VCS 1.x or Control Manager 2.5 to version 3.0. This way, the original server remains intact, allowing you to de-commission the original server in a timely and effective manner. For more information about upgrading, see the "Upgrading to Control Manager 3.0" section in the Getting Started Guide. To install the Control Manager server: Step 1: Accept the license agreement and activate the product and services 1. On the Windows taskbar, click Start > Run, and then locate the Control Manager installation program (Setup.exe). If you are installing from the Trend Micro Enterprise Protection CD, go to the Control Manager folder on the CD. If you downloaded the software from the Trend Micro Web site, navigate to the relevant folder on your computer. The installation program checks your system for existing components. The Welcome screen appears. The setup program can detect an existing copy of Trend Virus Control System, and give you the option to migrate it to Control Manager; doing so also upgrades all Trend VCS agents on your system. Before proceeding with the installation close all instances of the Microsoft Management Console. For more information about migration see the "Planning Trend VCS or Control Manager agent migration" section in the Getting Started Guide. 2. Click Next. The Software License Agreement appears. If you do not agree with the terms of the license, click No; the installation will discontinue. Otherwise, click Yes. A summary of detected components appears. 3. Click Next. 4. Type your name and company. 5. Click Next. The Product Activation screen (Step 1) appears. 6. Click Register Online and follow the on-screen instructions to register your product. 7. Click Next. The Product Activation screen (Step 2) appears. 8. Type the Activation Code for Control Manager and any other additional purchased services (you can also activate optional services from the Control Manager console). 9. Click Next. The World Virus Tracking program appears. 10. Click Yes to participate in the World Virus Tracking Program. You can add your data to the Trend Micro Virus Map by choosing to participate in the World Virus Tracking Program. When you choose to participate, Trend Micro Control Manager will only send anonymous information, and you can stop participating any time by choosing No and updating your status on the Control Manager management console. Step 2: Specify Control Manager server file location and communications settings 1. Click Next. Specify a location for Control Manager files. The default location is C:\Program Files\Trend Micro. Click Browse to specify an alternate location. Note: The setup program installs files related to the Control Manager communication, (the Trend Micro Management Infrastructure) in predetermined folders in the Program files folder. 2. Click Next. The settings on the next screen define communication security and how the Control Manager network identifies your server. Select a Security level for Control Manager server and managed product communication. The options are Low, Medium, and High; the default setting is Medium. 3. Under Host address, define how the Control Manager communication system identifies your Control Manager server. The setup program attempts to detect both the server's Fully Qualified Domain Name (FQDN) and IP address and displays them in the appropriate field. If your server has more than one Network Interface Card, or if you assign your server more than one FQDN, the names and IP addresses appear here. Choose the most appropriate address or name by selecting the corresponding option or item in the list. If you use the host name or FQDN to identify your server, make sure that this name can be resolved on the product machines, otherwise the products cannot communicate with the Control Manager server. 4. Click Next. The Choose Destination Location screen appears. Specify the location of the Control Manager backup and authentication files (for more information see the "Control Manager 2.5 files that should be backed up" section in the Getting Started Guide). Click Browse to specify an alternate location. 5. Click Next. The Specify Web Server Information screen appears. From the IP address list, select the IP address or FQDN/host name you want to use for the Control Manager Management Console. Step 3: Choose and configure database information 1. Click Next. Select a database to use with Control Manager. * Install Microsoft Data Engine (MSDE) - the setup program automatically selects this option if an SQL server is not installed on this machine. Do not forget to specify a password for this database in the field provided. Note: The Microsoft Data Engine (MSDE) is suitable only for a small number of connections. An SQL server is preferable for large Control Manager networks. * SQL Server - the setup program automatically selects this option if an SQL server is detected on your server. Provide the following information: * SQL Server (\Instance) - this server hosts the SQL server that you want to use for Control Manager. If an SQL server is present on your server, the setup program automatically selects it. To specify an alternative server, identify it using its FQDN, IP address, or NetBIOS name. If more than one instance of SQL server exists on a host server (this can be either the same server where you are installing Control Manager, or another server), you must specify the instance. For example: your_sql_server.com/instance * SQL Server Authentication - provide credentials to access the SQL server. By default, the User name is "sa". Warning! For security reasons, do not use an SQL database that is not password protected. 2. Under Trend Micro Control Manager database, provide a name for the Control Manager database. The default name is "db_ControlManager". 3. Click Next to create the required database. If the setup program detects an existing Control Manager database, you have the following options: * Append new records to existing database- the Control Manager you install retains the same settings, accounts, and Product Directory entities as the previous server. In addition, Control Manager retains the root account of the previous installation - you cannot create a new root account. * Delete existing records, and create a new database- the existing database is deleted, and another, using the same name, is created * Create a new database with a new name- you are returned to the previous screen to allow you to change your Control Manager database name Note: If you append records to the current database, you will not be able to change the root account. The Root Account screen appears. Step 4: Set up root account and configure proxy server 1. Provide the following required account information: * User ID * Full Name * Password * Password confirmation * Email address 2. If you use a proxy server connect to the Internet, select the Enable proxy server check box, and then set the following: * Proxy server- type the FQDN, IP address, or NetBIOS name of the server * Port- type the proxy port number * Proxy type- click the appropriate proxy type: HTTP or SOCKS * User name- type a logon name that can access the proxy. Provide both the domain name and logon name, for example: domain\username * Password 3. Click Next. The system verifies the proxy settings. The proxy configuration screen for Trend VCS agents appears. To use a proxy server to communicate with these agents, select the Enable proxy server check box, and then provide the same set of information you specified to connect to the Internet. Step 5: Configure notification settings 1. Configure the various settings used for the Control Manager notification functions. SMTP server- this allows you to send email notifications via your SMTP server. Provide the SMTP server’s FQDN, IP address, or NetBIOS name, and the appropriate port, in the fields provided. Pager COM Port- specify the port used for sending pager alerts. SNMP Trap Notification- provide the required Community Name and IP address in the fields provided. 2. Click Next. Define the routes for incoming and outgoing messages or requests. These settings allow you to adapt Control Manager to your company's existing security systems. Select the appropriate route. Note: Message routing settings are only set during installation. Proxy configurations made here are not related to the proxy settings used for Internet connectivity–though the same proxy settings are used by default. Source of incoming messages Direct from registered agents- the agents can directly receive incoming messages. Proxy server- use a proxy server when receiving messages. For additional details about using and configuring proxies, see the "Configure proxy server connection for component download and Trend VCS agents" section in the Getting Started Guide. IP port forwarding- this feature configures Control Manager to work with the IP port forwarding function of your company's firewall. Provide the firewall server’s FQDN, IP address or NetBIOS name, and then type the port number that Control Manager opened for communication. Route for outgoing messages Direct to registered agents - Control Manager sends outgoing messages directly to the agents. Proxy server - Control Manager sends outgoing messages via a proxy server. For additional details about using and configuring proxies, see the "Configure proxy server connection for component download and Trend VCS agents" section in the Getting Started Guide. 3. Click Next. Specify the Start menu program folder that will contain the Control Manager shortcut. The default is ’Trend Micro Control Manager’. Click Next. The installation begins. 4. Click Finish to complete the installation. 6. Post-Installation Configuration ======================================================================== After successfully installing Control Manager, Trend Micro recommends performing the following post-installation configuration steps. 1. Register and activate Control Manager After you have successfully installed Control Manager, check the license status and expiration date on the management console, click Administration > Registration > License Information. If the status is not "Activated" or is expired, obtain an Activation Code and active your software (on the management console, click Administration > Registration > License Information > Activate the product). If you experience issues with your Activation Code, contact technical support. 2. Configure user accounts Create Control Manager user accounts based on your needs. Consider the following when creating your accounts: * The number of different user types (Administrators, Power Users, and Operators) * Assign appropriate permissions and privileges to each kinds of user types * For users to take advantage of the cascading management structure, they need to have "Power User" rights or greater 3. Download the latest components to enhance security protection After installation, manually download the latest components (Pattern files\Cleanup templates, Engine updates) from the Trend Micro ActiveUpdate server to help maintain the highest security protection. If a proxy server exists between a Control Manager server and the Internet, you need to configure the proxy server settings (on the Web console, click Administration > System Settings). 4. Set notifications After installation, configure the events that will trigger notifications to monitor significant virus attacks and related security activities. Besides specifying notification recipients, choose notification channels and test them to make sure they work as expected (on the management console, click Administration > Event Center). 7. Known Issues ======================================================================== Here are the known issues for this release: 7.1 Outbreak Prevention Services (previously called Outbreak Commander) issues 7.1.1 Outbreak Prevention Policies not accurately displayed in command tracking ===================================================================== If an Outbreak Prevention Policy is applied when a Communicator is inactive (in accordance with its Communicator Schedule), the policy settings are applied to the managed products, but are not accurately displayed in Command Tracking. Command Tracking initially displays "In Progress", and then "Failed". Communicators receive command requests, but do not send status information to the Control Manager and therefore, the necessary Command Detail information is not sent to the server causing incorrect reports. 7.1.2 Outbreak Prevention Services only supports HTTP-based (Web) OfficeScan ===================================================================== The file-based version of OfficeScan is not supported by Outbreak Prevention Services. 7.1.3 Unregistered entity information path information lost in Command Details ===================================================================== If an entity is unregistered, its path information in Command Details will be lost. The record will show "non-registered" in the Server/Entity column. 7.2 Damage Cleanup Services issues 7.2.1 Only one Damage Cleanup task can be performed at a time ==================================================================== When two tasks (scheduled or manual) are triggered at the same time, the one with the lower task ID number will be performed first. This is also applicable if you are running Vulnerability Assessment tasks along with Damage Cleanup tasks. 7.2.2 Damage Cleanup Services cannot be deployed to clients whose C:\temp folder is encrypted ==================================================================== If the target client's "C:\temp" folder is encrypted and the client is registered to a domain, Damage Cleanup Services cannot be deployed unless the Control Manager server is the Primary Domain Controller for the target client. 7.2.3 Modifying the Daylight Savings time setting can cause deploy issues ==================================================================== Restart the Control Manager service whenever the Daylight Savings Time setting (under Windows Time Zone) is modified. Failure to do so may impact how scheduled tasks are executed. 7.2.4 Damage Cleanup Services will not deploy to clients behind a firewall ==================================================================== Damage Cleanup Services cannot be deployed to a target client machine if it is behind a personal firewall. 7.2.5 Purging virus or security logs from the Control Manager Web console prevents users from viewing machine records ==================================================================== If either virus or security logs are purged using the Control Manager management console, the Task Details page will not display any machine records. 7.2.6 Unsupported clients appear under wrong section ==================================================================== Damage Cleanup Services will display "Deploy failed" instead of "Unsupported" when attempting to deploy to a client running Windows XP Home Edition. It will also display "Duplicate file failed" in "Description" under "Result". 7.2.7 Damage Cleanup Services can only be deployed to client machines that have enabled Null Session access ==================================================================== If Null Session access is disabled on a client machine, Damage Cleanup Services cannot be deployed to this client. 7.2.8 Unsupported clients do not appear when selecting machines by machine name ==================================================================== Unsupported clients are filtered when selecting machines by machine name. No filtering occurs when selecting machines by IP address. 7.2.9 Damage Cleanup Services is unable to clean all available machines ==================================================================== When selecting all in the "Task Details" page, only machines that appear in the page will be cleaned. You can only clean selected machines one page at a time. 7.2.10 Task ID number limitation ==================================================================== The largest possible Task ID number is 214783647. 7.2.11 Viewing tasks under "Current Queued Tasks" ==================================================================== Tasks listed under "Current Queued Tasks" are sorted in the order they were triggered. 7.3. Vulnerability Assessment issues 7.3.1. Only one Vulnerability Assessment task can be performed at a time. ==================================================================== When two tasks (scheduled or manual) are triggered at the same time, one will be queued. The task that you created first will run first. 7.3.2. Vulnerability Assessment cannot be deployed to clients whose C:\temp folder is encrypted ===================================================================== If the target client's "C:\temp" folder is encrypted and the client is registered to a domain, Vulnerability Assessment cannot be deployed unless the Control Manager server is the Primary Domain Controller for the target client. 7.3.3. Modifying the Daylight Savings time setting can cause deployment issues ===================================================================== Restart the Control Manager whenever the Daylight Savings Time setting (under Windows Time Zone) is modified. Failure to do so may impact how scheduled tasks are executed. 7.3.4. Vulnerability Assessment cannot be deployed to clients behind a firewall ===================================================================== Vulnerability Assessment cannot be deployed to a target client machine if it is behind a personal firewall. 7.3.5. Vulnerability Assessment automatically purges log records older than 90 days ===================================================================== The "Task Details" page will not display machine records prior to 90 days ago. 7.3.6. Unsupported clients appear under wrong section ===================================================================== Vulnerability Assessment will display "Deploy failed" instead of "Unsupported" when attempting to deploy to a client running Windows XP Home Edition. It will also display "Duplicate file failed" in "Description". 7.3.7. Vulnerability Assessment can only be deployed to client machines that have enabled Null Session access ===================================================================== If Null Session access is disabled on a client machine, Vulnerability Assessment cannot be deployed to this client. 7.3.8. Unsupported clients do not appear when selecting machines by machine name ===================================================================== Unsupported clients are filtered out when selecting machines by machine name. No filtering occurs when selecting machines by IP address. 7.3.9. Vulnerability Assessment is unable to assess all available machines ===================================================================== When selecting all machines in the "Result Summary" page, only machines that appear in the page will be assessed. You can only assess selected machines one page at a time. For example, if there are 75 machines in a task, but only 20 of 75 machines are showing on a page, then selecting all machines and performing an action only performs the action on 20 machines - not all of the machines. 7.3.10. Vulnerability Assessment requires users to enable NetBIOS and File Sharing ===================================================================== Some platforms, such as Unix-based platforms, cannot enable these. Vulnerability Assessment will not be able to read the IP address for these machines and will filter them out. 7.3.11. Need to add both IP addresses to exception list for clients with two IP addresses ===================================================================== If a machine can be identified by two IP addresses, such as when it is using two network adapters, then both addresses must be entered to add it to an exception list. If both addresses are not entered, the exception action will not apply when a task is run. 7.3.12. Double-byte character names unsupported ===================================================================== When Vulnerability Assessment is running on an English operating system, it cannot read the IP addresses, domain names or machine names of local machines that are using double-byte characters (such as Chinese, Korean or Japanese). Therefore, Vulnerability Assessment cannot be deployed to those machines. 7.3.13. Unable to log on to machines in Microsoft Active Directory child domains ===================================================================== When using Microsoft Active Directory, enterprise administrators are unable to log on to machines in its Child Domain. 7.3.14. If security level of browser set too high, may be ActiveX control issues ===================================================================== When the Security level of the Internet browser is set too high, ActiveX controls cannot download to a computer. Users cannot manually assess their computers if ActiveX controls fail to download. 7.3.15. Unable to detect remaining disk space ===================================================================== When performing a manual reassessment, Vulnerability Assessment cannot detect whether or not there is enough hard disk space to download ActiveX controls. If there is not enough space, ActiveX controls cannot download and the reassessment will be unsuccessful. 7.3.16. Extremely long URLs cause issues ===================================================================== If a user enters an extremely long URL as an address, they will be redirected to the Manual Assessment page. An error occurs after the assessment. 7.3.17. Current Task page is blank upon first activating ===================================================================== When Vulnerability Assessment is first activated, the "Current Task" page is blank. This is also true when Vulnerability Assessment is restarted or when the system is rebooted. In this situation, if a user starts a Damage Cleanup Services task and then starts a Vulnerability Assessment task, the second task is not queued on the "Current Task" page. Instead, the "Current Task" screen displays a message saying that "there is no current task running". Once a Vulnerability Assessment task has been completed successfully, then normal task queuing is possible. 7.3.18. ActiveX controls downloading to Japanese or Chinese Windows 9x system ===================================================================== When ActiveX controls attempt to download to Japanese or Chinese Windows 9x systems, a message is displayed saying that the security certificate was "unsigned". If the user clicks OK, then the download proceeds. 7.3.19. Time delay while Network VirusWall is reassessing your computer ===================================================================== After performing a manual reassessment from the Network VirusWall reassessment page, Network VirusWall requires some time (approximately 30 seconds) to reassess your computer and release it from blocking. Attempting to reconnect to the network before Network VirusWall has completed this process, will redirect the browser to the reassessment page again. After performing a manual reassessment, please wait at least 30 seconds before trying to access the network again. 7.3.20. Accessing Manual Vulnerability Assessment Tool when using Windows 9x, Japanese, or Chinese operating systems ===================================================================== An error occurs when attempting to access the Manual Vulnerability Assessment Tool, when using Windows 9x operating systems or Japanese or Chinese operating systems. This occurs because the client machine 's Trusted Root certification authority has expired. Please, update your system from http://www.verisign.com/support/roots.html and try to access the page again. 7.4 Trend VCS 1.x issues 7.4.1 Trend VCS 1.x group and computer names display incorrectly on different language operating systems ===================================================================== To display the Trend VCS 1.x group and computer names correctly, the Control Manager server must be installed on a server with the same operating system language version, and the appropriate character set. 7.4.2 Trend VCS 1.x agents share a single Communicator that cannot be turned off ===================================================================== Trend VCS 1.x agents on a Control Manager network share a single, special Communicator called an Entity Emulator, which is installed on the Control Manager server. This Communicator cannot be turned off. 7.5 Database issues 7.5.1 Control Manager unable to access SQL database if password changed ===================================================================== If the password for Control Manager's SQL database is changed, Control Manager will no longer be able to access the database when it is removed or upgraded. In addition, it will make it impossible to restart the Control Manager service. 7.6 Managed product issues 7.6.1 ServerProtect for NetWare 3.x or HouseCall 5 not supported ===================================================================== This version of Control Manager does not support ServerProtect for NetWare 3.x or HouseCall 5. 7.6.2 How Control Manager displays ServerProtect ===================================================================== ServerProtect Normal Servers are always displayed under the "ServerProtect for Windows" folder. The icon of the Information Server always displays "SPNT". 7.6.3 Need to deploy Trend VCS agents for OfficeScan on servers that have OfficeScan and other products ===================================================================== When deploying Trend VCS agents to servers that have OfficeScan and other products, you must deploy the Trend VCS agent for OfficeScan. Otherwise, you will only deploy the agents for other products; and OfficeScan will not be registered with the Control Manager server. 7.6.4 Control Manager and Internet Messaging Security Suite 5.x cannot co-exist on the same machine ===================================================================== Do not install Control Manager on a server that has already installed InterScan Messaging Security Suite 5.x (IMSS). IMSS needs to run on a machine that has no other Trend Micro products running on it, including Control Manager. 7.6.5 Restart IMSS machine after installing Control Manager agent ===================================================================== You must restart the InterScan Messaging Security Suite (IMSS) 5.1 machine after you install the Control Manager agent for IMSS. Otherwise, the agent might not be able to detect the eManager component of IMSS when you apply an Outbreak Prevention Policy; resulting in the following message in Command Details: "There is no eManager available". 7.6.6 Need to enable cookies to configure IMSS 5.1 within the Control Manager management console ===================================================================== To configure InterScan Messaging Security Suite (IMSS) 5.1, from within the Control Manager management console, your browser must be configured to accept cookies from the IMSS server. You can accomplish this, either by setting your browser to accept session cookies, or by adding the URL of the IMSS console to your browser's list of trusted or managed sites. The following procedures are for Internet Explorer version 6; for other versions consult your browser's online help: To accept cookies specifically from the IMSS server (Recommended): a. Click Tools > Internet Options . . .> Privacy > Edit. b. Add the IMSS Management Console URL in the list of Managed Web Sites. To accept session cookies: a. Click Tools > Internet Options . . .> Privacy > Advanced. b. Select "Override automatic cookie handling". c. Under "Third-party Cookies", click "Accept". d. Select "Always allow session cookies". 7.6.7 eManager Content Security events recorded in Security logs ===================================================================== eManager records Content Security events in the Security logs, not in the Virus logs. 7.6.8 Control Manager 3.0 agents incompatible with older Trend Micro products ===================================================================== Control Manager 3.0 agents are not compatible with older versions of Trend Micro products. Search the online help for the "Compatible Products" topic. 7.6.9 ServerProtect Normal Server information does not correctly display ===================================================================== The ServerProtect Normal Server does not appear correctly in Component Status of the managed product page. Control Manager ServerProtect agent version 2.51 build 1029 resolves this issue. Visit the Update Center on www.trendmicro.com to download the latest Control Manager ServerProtect agent. 7.7 Communicator issues 7.7.1 Over 10,000 managed products causes managed product display issues on the management console ===================================================================== If the Communicator handles more than 10,000 managed products, the Control Manager management console is unable to display product information. 7.7.2 Communicator Heartbeat affected if the system clock is changed ===================================================================== If the system clock of the Control Manager server is changed, it will not be able to correctly enforce the Communicator Heartbeat -- unless the Control Manager service is restarted. 7.7.3 Communicator status not automatically reflected in the entity status ===================================================================== The status of the Communicator is not automatically reflected in the entity status. So if the Communicator is inactive, the management console still displays entities as active. 7.7.4 Firewall exists between Control Manager server and agents ===================================================================== If the Control Manager server and agent communicate through a firewall, set the Trend Micro Management Infrastructure to close unused connections after a specific period. This avoids communication errors related to the TCP session time-out setting on the firewall. Perform this procedure on the Control Manager server first, and then on all agents that communicate through the firewall. a. Locate the TMI.cfg file (typically in ...\Trend Micro\COMMON\TMI) and open with a text editor. b. Locate the CLOSE_IDLE_CONN parameter, and change its value to "1". Assigning the value '1' enables the idle-connection monitor function. Assigning a '0' value disables the function. c. Locate the MAX_IDLE_TIME parameter, and adjust the value as required. The default value is 300, meaning unused connections are closed after 300 seconds. Valid values are from 1 to the TCP session time-out setting of the firewall (in seconds). d. Restart the "Trend Micro Management Infrastructure" service. 7.8 Reports issues 7.8.1 Viewing Graphs in RTF reports when running Windows XP ===================================================================== In Microsoft Windows XP, the graph in an RTF report does not appear unless the user resizes the image. 7.8.2 Cannot view RTF report graphs using WordPad ===================================================================== Cannot use WordPad to view RTF report graphs. 7.8.3 Report function displays total percentage ===================================================================== The total percentage on some reports in the Report function will display 101%, because added percentages are often rounded off. 7.8.4 Global reports and global status on parent servers ===================================================================== Global reports can be configured to include the logs from parent server's managed products. However, global status, does not include the parent server's managed products status. 7.9 General issues 7.9.1 Do not use Terminal Client to install MSDE on a Windows 2000 server ===================================================================== Do not use Terminal Client to install MSDE on a Windows 2000 server running Terminal Services. This will result in an unsuccessful MSDE installation. For more information, refer to the Microsoft Knowledge Base Article - 317268: http://support.microsoft.com/default.aspx?scid=kb;en-us;317268 7.9.2 InterScan for Unix deploy scan engine command does not appear in Command Tracking ===================================================================== If the user tries to deploy the scan engine for InterScan for Unix, the attempt will not appear in Command Tracking because this action is not currently supported for this product. 7.9.3 Control Manager support for updating only English product versions ===================================================================== Currently, Control Manager can only update the programs of English product versions. 7.9.4 Unable to re-use all-numeric database names ===================================================================== Cannot use all-numeric names for databases. 7.9.5 Issues managing agent if user account that created it is deleted ===================================================================== If the user account that was used when installing an agent is deleted , Control Manager will no longer be able to manage that agent -- after the agent re-registers itself. Trend Micro recommends using the root account when installing agents. 7.9.6 Managed products on same machine as Control Manager can only be controlled by that Control Manager ===================================================================== If a product is managed by a Control Manager agent, and is installed on the same machine as a Control Manager server, the product can only be managed by the Control Manager that it shares the server with. It cannot be managed by another Control Manager server. For example, if machine A with ServerProtect (SPNT) agent, is registered to Control Manager server on another machine B, and if you install another Control Manager on machine A, the SPNT agent will automatically register to the Control Manager server on machine A leaving orphan icons in the Control Manager management console on machine B. 7.9.7 Need to purge logs to refresh Status Summary information ===================================================================== Status Summary information is cumulative. To refresh the information, you must purge all logs. This situation occurs in a cascading management structure when using a parent Control Manager management console to view the child status. 7.9.8 Rapidly clicking Search function Start and Stop buttons causes Internet Explorer to stop responding ===================================================================== On the management console, alternately clicking the Start and Stop buttons in the Search function in rapid succession, will cause Internet Explorer to stop responding. 7.9.9 Delay to display all valid drives during installation ===================================================================== The installation program requires a few moments to show all the valid drives on a multiple-drive server. You can, however, still type the desired installation path in the field, and start the installation. 7.9.10 Control Manager uses default IP address if NIC not detected ===================================================================== If the installation program does not detect a Network Interface Card (NIC) on the target server, Control Manager uses the following default IP: 127.0.0.1. If a NIC is installed later, Control Manager will not use the new IP address that will be assigned to the card. 7.9.11 Different ServerProtect Product Directory folder names ===================================================================== The ServerProtect Product Directory folder name in Control Manager 3.0 is "ServerProtect for Windows"; which is different from the name used in version 2.1: "ServerProtect for NT". As the result, if a Control Manager 2.1 server, managing ServerProtect is upgraded to version 3.0, the following occurs: - New Normal Servers are placed in separate Product Directory folders named: 'ServerProtect for Windows'. - Original Normal Servers will remain in folders named: 'ServerProtect for NT'. 7.9.12 A Control Manager 2.5 server managing the maximum number of entities experiences issues if upgrading to version 3.0 ===================================================================== Control Manager has a limit of 10,000 entities. If a Control Manager 2.5 server is managing the maximum number of entities, issues will occur when upgrading to Control Manager 3.0 because Damage Cleanup Services is considered one entity. Before upgrading remove some entities. 7.9.13 Outdated information displayed on child Control Manager server status pages. ===================================================================== The information displayed on child Control Manager server status pages may not be updated under the following conditions: * A user has disabled the child server * The network connection between the child server and parent server is too slow or unstable 7.9.14 Deployment rate reports do not appear in parent server global reports ===================================================================== A parent Control Manager global report does not include deployment rate reports. 7.9.15 Sun Microsystems Java Runtime Environment not supported ===================================================================== The Sun Java Runtime Environment is not officially supported. 7.9.16 Can display a maximum of six IP addresses for single computer ===================================================================== Even if a single computer has been assigned over six IP addresses, the management console only displays six on the Computers view. 7.9.17 Patch agents are downloaded even if the same version exists on the ActiveUpdate server and Control Manager ===================================================================== Whenever Control Manager downloads an update component (for example a virus pattern file, scan engine) from the Trend Micro update server, Control Manager also downloads files called "patch agents" for each of its managed products -- even if these agents are up-to-date. Control Manager downloads these files because they currently do not have version information; and is therefore unable to determine whether or not the patch agents it already has are current. This behavior adds to overall bandwidth usage during component updates. Patch agents, vary in size from 25 to 450KB with the average size being 40KB. 7.9.18 Unable to identify parent Control Manager server ===================================================================== A child Control Manager server is unable to identify or locate its parent server from the child server management console or query results. 7.9.19 After Control Manager server upgrades or reinstalls, management console may behave unexpectedly ===================================================================== After a Control Manager server upgrades or reinstalls, the management console may behave unexpectedly because of expired or inconsistent data in the Internet Explorer cache on the local machine. If this occurs, clear the Internet Explorer cache and retry using the management console. 7.9.20 Access logs do not record certain data ===================================================================== The access logs do not record the following events: * change of notification configuration * log purge settings * report settings * deployment plan settings 7.9.21 When parent Control Manager servers deploy updates, the child servers automatically immediately deploys them ===================================================================== Whenever a parent Control Manager server deploys updates to its child server, it causes the child server to immediately deploy the new components to its managed products, regardless of the deployment settings on the child server. There are currently no Event Center notifications associated with this event. Therefore, child server administrators are not notified when their Control Manager server deploys components in response to a request from the parent server. 7.9.22 Control Manager 2.5 ActiveX and Crystal Report Consolidated Report does not appear after migrating to CM 3.0 ===================================================================== Consolidated Reports generated by Control Manager 2.5 in ActiveX and Crystal Report format cannot be viewed correctly after upgrading to Control Manager 3.0. This occurs because different versions of Crystal Reports are used for Control Manager 2.5 and Control Manager 3.0. To view the reports, locate the folder and use Crystal Reports 8 or after upgrading create another Consolidated Report. 7.9.23 Unable to deploy update components if Control Manager IP address or port changes ===================================================================== If the IP address or port changes for a Control Manager server, the server is unable to deploy update components and other Control Manager functionality may be lost. Use the CMWEBfg.bat file to update the systemconfiguration.xml file. See the online help for detailed instructions. 7.9.24 Clear Internet Explorer temporary Internet files (cache) before upgrading to Control Manager 3.0 ===================================================================== Before upgrading to Control Manager 3.0, first remove all your Internet Explorer temporary Internet files (cache). Refer to your Internet Explorer documentation for details. 7.9.25 Need to restart the Trend Micro Control Manager service after changing the debug log information level ===================================================================== If you change the level of debug log information provided by the ActiveUpdate module (either manually modifying the aucfg.ini file or using the ActiveSupport tool) you need to restart the Trend Micro Control Manager service for the change to take effect. 7.9.26 On Windows Server 2003 add external URLs or IP addresses to the Internet Explorer Trusted sites zone ===================================================================== When viewing the Control Manager management console using Internet Explorer on Windows Server 2003, make sure when accessing content on other servers that the URL or IP address is added to the Internet Explorer Trusted sites zone. Refer to your Internet Explorer documentation for details. 7.9.27 Test notifications after restarting Trend Micro Control Manager service ===================================================================== If you re-start your Trend Micro Control Manager service, check your network connection and manually test notifications (for example, MSN Messenger) to make sure they are functioning correctly. 7.9.28 Need to select accessible folders when creating users with administrator privileges ===================================================================== When creating users with administrator privileges, select accessible folders to ensure the management console correctly displays Damage Cleanup Services or Vulnerability Assessment screens. 7.9.29 Restart the Trend Micro Control Manager service after enabling a child server ===================================================================== When you enable a child Control Manager server, you need to restart the Trend Micro Control Manager service on the child server. 8. Release History ======================================================================== TMCM v2.5, January 1, 2003 TMCM v2.1, July 1, 2002 9. Contact Information ======================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our Web site. Global Mailing Address/Telephone Numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 10. About Trend Micro ======================================================================== Trend Micro, Inc. provides centrally controlled server-based virus protection and content-filtering products and services. By protecting information that flows through Internet gateways, email servers, and file servers, Trend Micro allows companies worldwide to stop viruses and other malicious code from a central point before they can reach the desktop. Copyright 2004, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, and Control Manager are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 11. License Agreement ======================================================================== Information about your license agreement with Trend Micro can be viewed at: http://www.trendmicro.com/en/purchase/license