How to Allowlist (Whitelist) in Trend Micro

Allowlisting by Domain in Trend Micro

The allowlisting process is broken down into 5 sections, with each having its own steps for configuration that must be completed to allowlist successfully.

1. Advanced Spam Protection

  • Navigate to Advanced Threat Protection > Add.
  • Select the policy to create based on the service:
    • Exchange
    • OneDrive
    • SharePoint
    • Box
    • Dropbox
    • Google
  • On the left, select Advanced Spam Protection.
  • Check the Enable Advanced Spam Protection.
  • Select the Approved/Blocked Sender List.
  • Check the box next to the Enable the approved sender list.
  • Enter *@domain in the text field. This will be the phish domain you have selected for you phish simulation; and click the 'Add >' button.

blobid0.png

  • Select the Rules configuration section.
  • Under the 'Apply to' drop-down, select the Incoming messages.
  • For 'Detection Level', select Medium.

blobid1.png

2. Malware Scanning

  • On the left, select Malware Scanning.
  • Select the Rules configuration section.
  • Under the 'Apply to' drop-down, select All messages.
  • Under 'Malware Scanning', select Scan all files and check the box next to Scan message body and Enable IntelliTrap.

blobid2.png

  • Select the Action configuration section.
  • For 'Action', select the Trend Micro recommend actions option from the drop-down.
  • For 'Notification', select the Notify option from the drop-down.

blobid3.png

3. File Blocking

  • On the left, select File Blocking > Enable File Blocking.
  • We recommend keeping 'File Blocking' on because you cannot limit this option to MetaCompliance messages. Turning off 'File Blocking' could allow potentially malicious attachments through to your users.

blobid4.png

4. Web Reputation

  • On the left, select Web Reputation.
  • Check the Enable Web Reputation.
  • Select the Rules configuration section.
  • Under the 'Apply to' drop-down, select the All messages.
  • For 'Security Level', select Medium.

blobid5.png

  • Select the Approved/Blocked URL List.
  • Check the box next to Enable the approved URL list.
  • Check the box next to Add internal domains to the approved URL list.
  • Enter our host names in the text field.
  • Then, click the 'Add >' button.

blobid6.png

5. Virtual Analyzer

  • On the left, select Virtual Analyzer.
  • Check the Enable Virtual Analyzer.
  • Click Save.

blobid7.png

  • Once all steps in each section are completed, your new policy will appear under the 'Advanced Threat Protection' tab.

Back to all articles