Application Resilience policies for Trend Micro Apex One Security Agent

You can activate an Application Resilience policy for Trend Micro Apex One™ (Apex One) to collect information about the functional status of the Apex One agent installed on your Windows devices and view the results in reports. You can also configure the policy to attempt to repair or reinstall the agent.

Application Resilience policies for Apex One are supported only on devices running a supported version of the Windows operating system and the following version of the Apex One agent:

  • 14.x or higher

    NOTE  Significant software changes in higher versions may cause health checks to become invalid.

If you select Report higher versions as Compliant, higher versions report Compliant without running health checks.

This platform requires the installation of the Apex One Security Agent (Apex One agent) on the organization's devices.

In addition to checking the version, the following table describes the health checks performed:

Component Test performed
Services Installed Running Signed by

  • Apex One NT RealTime Scan (ntrtscan.exe)

  • Apex One NT Listener Service (tmlisten.exe)

 P P Trend Micro

  • Trend Micro Unauthorized Change Prevention Service (TMBMSRV.exe)

  • Apex One Common Client Solution Framework (TmCCSF.exe)

 P n/a

You can configure an Application Resilience policy for Apex One to enable the Application Resilience (RAR) component A lightweight software component of the Absolute agent that detects the status of third party applications installed on a device. The component may also attempt to repair the third party application if it is non-compliant. The RAR component is deployed on a device only when the device is associated with a customized policy group and that policy group's Application Resilience policy is activated. to attempt to repair the Apex One agent if it's not functioning, or reinstall it if it's missing or can't be repaired.

NOTE  Depending on the Absolute product licenses associated with your account, the Report and repair option, and the Report, repair, and reinstall option may not be available.

The RAR component of the Absolute agent can respond to the following issues:

Issue

Resolution
Repair

One or more of the following services aren't running:

  • Apex One NT RealTime Scan (ntrtscan.exe)

  • Apex One NT Listener Service (tmlisten.exe)

The RAR component restarts the service.

One or more of the following services aren't installed and the service's executable can be detected on the device:

  • Apex One NT RealTime Scan service (ntrtscan.exe)

  • Apex One NT Listener Service (tmlisten.exe)

  • Trend Micro Unauthorized Change Prevention Service (TMBMSRV.exe)

  • Apex One Common Client Solution Framework (TmCCSF.exe)

The RAR component reinstalls each missing service.
Reinstall

One or more of the following services aren't installed and the service's executable cannot be detected on the device:

  • Apex One NT RealTime Scan (ntrtscan.exe)

  • Apex One NT Listener Service (tmlisten.exe)

  • Trend Micro Unauthorized Change Prevention Service (TMBMSRV.exe)

  • Apex One Common Client Solution Framework (TmCCSF.exe)

The RAR component downloads and installs the configured version of the agent.

NOTE  Downgrades are not supported. If the version installed on a device is higher than the expected version, no action is taken.

The Apex One agent failed to be repaired, or the expected version isn't installed

You can add a 32-bit installer, a 64-bit installer, or both. The installers:

  • must be MSI files

  • can have any file name

The RAR component looks for the following files names when checking pre-cached installers:

Component File name
Installers SecurityAgent.msi

Before you activate an Application Resilience policy you need to configure the policy. You need to configure the application version in addition to the settings in Configuring Application Resilience policies.

To configure the application version:

Under Trend Micro Apex One™ Security Agent version, enter the version of the Apex One agent you expect to be running on your devices.

  • The target version must be a sequence of digits separated by a period.
  • You can use wild card "*" characters after the major version, for example, 14.* or 14.1.*.

IMPORTANT  Make sure the version you are entering is consistent with version 14.x or higher.

If you selected the Report, repair, and reinstall option, you also need to configure this setting in addition to the settings in Configuring Application Resilience policies.

To configure the Apex One specific setting:

[Optional] Under Uninstall Password, enter the password required to uninstall the Apex One agent if it's required for your configuration.