• Resume a Missed Scheduled Scan: Administrators can now configure weekly or monthly scheduled scans to resume at the same time the next day if the scheduled scan was missed.

• Mac Installation no Longer Requires Java: This version of the Mac client installation package no longer uses Java.

• Device Control: Device Control regulates access to external storage devices and network resources connected to Windows computers.

• "License Unavailable" Message: A "License Unavailable" message now displays on newly installed Windows agents with licensing issues. The message displays each time the agent is launched or when users mouseover the agent icon on the system tray of the device. If the message displays, contact the Worry-Free Business Security Services administrator immediately to resolve the issue.

• Support for Mac and Mobile: This version of WFBS-SVC now manages Macs and Android devices to provide increased security at work (or at home).

• Flexible Device Management: With custom tags, you can use email addresses, employee IDs, or any other unique combination to speed up your workflow.

• Improved User Experience: Features that require a lot of parameters in the background have been simplified on the console. The Common Tasks on Live Status gives you quick access to commonly used tasks.

• Enhanced Flows: We’ve changed a few flows to reduce the steps taken to complete a task. For example, you can now add a device and the device to a group with ease.

• Refreshed Look and Feel: We have refreshed the interface that makes it easier for you to use WFBS-SVC.

Client Deployment and Upgrade

1. To completely reinstall or upgrade the CSA, you will need to restart the computer. A restart will also be necessary when updating some components including the firewall and the proxy drivers.

2. After installing the CSA on a computer with IIS 7.0, you must restart the IIS service. IIS 7.0 may not work as expected with the CSA, which uses the Windows Filtering Platform, until IIS is restarted. This issue only occurs on Microsoft Windows 2008 without service pack 2.

3. Some CSA components, such as the Trend Micro Web Protection Add-On or the TrendProtect Toolbar, can be installed without the CSA. These components may conflict with the CSA installation and must be removed before the CSA is installed.

4. Real-time scan on CSA can prevent Hyper-V Manager from creating virtual machines. If you encounter this issue, configure real-time scan to exclude the storage folder for your virtual machines from scanning. Hyper-V Manager uses "C:\ProgramData\Microsoft\Windows\Hyper-V" as the default storage folder, but a different folder may be specified during virtual machine creation.

5. In environments such as distributed file systems, scanning offline files causes unnecessary file recalls and can eventually lead to performance issues. To avoid scanning offline files:

   1. Open the Windows registry and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmfilter\Parameters.

   2. Set the registry keys SkipOffLineFile and SkipSparseFile to 1.

      For more information, refer to http://esupport.trendmicro.com/Pages/How-to-skip-offline-files-from-being-scanned.aspx

6. The WFBS-SVC_Downloader.exe file can only be run on the computer on which the user downloads it. If a user copies the file to another computer and runs it there, an error results.

7. Computer loses network connection temporarily during installation.

8. Users cannot successfully uninstall the agent if Dropbox is installed on the same computer. Uninstall Dropbox before uninstalling the agent.

9. Users cannot deploy agent program when Internet Explorer 10 running in Windows UI mode on Windows 8.

Client/Server Security Agent

1. On Windows Vista/2008/7 guest operating systems running VMware ESX 3.5 servers, PccNTmon cannot render the CSA console correctly. The system hangs and eventually crashes.

   To prevent this issue:

   1. Click Start > Control Panel > Performance Information and Tools > Visual Effects.

   2. Select Adjust for best performance.

2. CSA self-protection for Process and Registry Keys works supports all 32-bit operating systems and only on the following 64-bit platforms: Windows Vista SP1 x64 and Windows Server 2008 SP1 x64 and above.

3. If the "Client Security" setting on the web console (in Devices> {group} > Configure Policy > Windows tab > Client Privileges) is set to "High" and a malware program resides in the CSA folder before real-time scan starts, CSA cannot restrict that malware from updating the registry.

4. If virus pattern or spyware active-monitoring pattern files are not available to the CSA, the CSA will keep its current scan method until the pattern is delivered

Firewall

1. During CSA installation or firewall driver uninstallation, the computer may temporarily lose its network connection. Some applications, such as Secure Shell (SSH), Terminal Services Client, or Remote Desktop could be affected by the disconnection. If the network connection is lost, restart the application after installing the CSA or after disabling the firewall.

2. The CSA firewall may conflict with other firewall applications. Trend Micro recommends uninstalling or disabling other firewall applications.

3. On VMware clients, the CSA firewall may block all incoming packets.

   To address this issue, add the following value to the client's registry:

   • Key: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW

   • Name: EnableBypassRule

   • Type: REG_DWORD

   • Data: 1

4. The firewall does not support IPV6.

5. On Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2 and Windows Server 2012 computers, if the firewall is disabled and then re-enabled, Firewall patterns fail to load sometimes. To fix this problem, restart the affected computer

Behavior Monitoring

1. Behavior Monitoring supports all 32-bit operating systems and only the following 64-bit platforms: Windows Vista SP1 x64 and Windows Server 2008 SP1 x64 and above.

Device Control

1. Device Control supports all 32-bit operating systems and only the following 64-bit platforms: Windows Vista SP1 x64 and Windows Server 2008 SP1 x64 and above.

Web Reputation and URL Filtering

1. When running Internet Explorer 9 with IE Enhanced Security Configuration, the Web Reputation plug-in module (TmIEPlugInBHO Class) cannot be automatically applied. Risky URLs using SSL cannot be blocked.

2. Web Reputation Services and URL Filtering are not supported when Internet Explorer 10 is running in Windows UI mode on Windows 8.

SBS Dashboard Add-In Tool

1. When Internet Explorer 9 is installed under Windows Small Business Server 2011 Essentials, a popup window concerning unused windows appears when closing the Dashboard console.

2. SBS Dashboard Add-in is not compatible with Internet Explorer Enhanced Security Configuration. Ensure this option is disabled before opening the Dashboard.

Login Script Setup Tool

1. Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Vista, Windows 7, and Windows 8 computers with UAC enabled prohibit automatic installation.

1. The Agent does not support root accounts.

1. When TMMS is installed on a device running Android 2.x, the system proxy is not updated as this version of the operating system does not support system proxies. This could also prevent the device from connecting to the server to receive updates.

2. TMMS will not be installed on rooted Android devices.

3. If the user goes to Settings > Applications > Manage Applications > TMMS and taps Clear Data, TMMS might not be able to connect to the server to receive updates. The user would need to re-enroll the device.

4. If other installed apps interfere with the device’s network connection, TMMS might not be able to connect to the server to receive updates.

5. Clicking the installation link from an email opens a web browser window. On the default browser of Android 2.x devices, if users click the "Home" button to leave the browser window and then click the installation link again, the installation process stops and the browser window stops responding.

   To avoid this issue, users must close the browser window opened from installation links before clicking the link again.