Trend Micro™ Network VirusWall™ Enforcer 2500 Administrator’s Guide
5
-
18
12
Network VirusWall
Enforcer 2500 Policy
Enforcement does not
correctly identify
incompliant endpoints
An HTTP proxy server located between Network VirusWall Enforcer
2500 and endpoints on the network may prevent Network VirusWall
Enforcer 2500 from correctly identify endpoint status. Reconsider
your deployment plan to take into consideration proxy servers on
the network.
Note:
If a SYN flood attack with fake source IP address
occurs on your network, Network VirusWall
Enforcer 2500 Policy Enforcement may not be
able to detect the status of endpoints on the
network.
13
Network VirusWall
Enforcer 2500 is
unable to implement
Outbreak Prevention
Policies to block
endpoint ports
If an endpoint routes its traffic through a proxy server, the machine
actually sends packets to the proxy using a proxy port; the proxy is
responsible for actual packet delivery. Unless the proxy itself is
within the network, Network VirusWall Enforcer 2500 does not block
the endpoint traffic.
14
When Kerberos
Authentication is
used, the User
Authentication does
not function as
expected
Check the clock sync between the authentication server and
Network VirusWall Enforcer 2500. The authentication server and
Network VirusWall Enforcer 2500 should have the same time
setting.
For Kerberos and MD5 authentication, users only need to input
account information (without the domain) and password.
15
Why doesn’t the
endpoint detecting
page update
When there is a PEAgent update that downloads with a program file
update, Network VirusWall Enforcer 2500 stops all services before
installing the new PEAgent. However, Network VirusWall Enforcer
2500 cannot stop Real-time scan which causes the detection page
to freeze. Restart the endpoint computer to solve this problem.
16
An endpoint in a
different subnet than
Network VirusWall
Enforcer does not
pass user
authentication
Add a bridge IP address that is in the same subnet as the endpoint
and bind it to a port.
17
Network VirusWall
Enforcer cannot
update the endpoint
status using the
PEAgent
Add a bridge IP address that is in the same subnet as the endpoint
and bind it to a port.
#
ISSUE
CORRECTIVE ACTION
T
ABLE
5-3.
Troubleshooting Network VirusWall Enforcer 2500 configuration
issues