Whitelisting PhishGuard in Trend Micro

Whitelisting in Trend Micro

If you're using Trend Micro, you can whitelist PhishGuard to allow our phishing emails reach the targets in a phishing campaign. 

The whitelisting process in Trend Micro consists of five steps. Each step has its own configuration and must be completed to successfully whitelist PhishGuard. In this article, we discuss Whitelisting by Domain in Trend Micro, steps as:

• Advanced Spam Protection
• Malware Scanning
• File Blocking
• Web Reputation
• Virtual Analyzer

Advanced Spam Protection

1. Navigate to the Advanced Threat Protection tab > Add.
2. Select the policy to create based on the service:
   • Exchange
   • OneDrive
   • SharePoint
   • Box
   • Dropbox
   • Google
3. On the left, select Advanced Spam Protection.
4. Check the Enable Advanced Spam Protection option.
5. Select the Approved/Blocked Sender List section.
6. Check the box next to the Enable the approved sender list option.
7. Enter *senderName@... in A, as you specified in your custom sender in the campaign launching settings -for example if the campaign sender address is Hello@cerebra.sa, enter here *@cerebra.sa- and click the Add > button.

8. Select the Rules configuration section.
9. Under the Apply to: drop-down, select the Incoming messages option.
10. For Detection Level:, select the Medium option.

Malware Scanning

11. On the left, select Malware Scanning.

12. Select the Rules configuration section.

13. Under the Apply to: drop-down, select the All messages option.

14. Under Malware Scanning, select Scan all files and check the box next to Scan message body and Enable IntelliTrap.

15. Select the Action configuration section.

16. For Action:, select the Trend Micro recommend actions option from the drop-down.

17. For Notification:, select the Notify option from the drop-down.

File Blocking

18. On the left, select File Blocking and select Enable File Blocking. We recommend keeping File Blocking on because you cannot limit this option to PhishGuard messages. Turning off File Blocking could allow potentially malicious attachments through to your users.

Web Reputation

19. On the left, select Web Reputation.

20. Check the Enable Web Reputation option.

21. Select the Rules configuration section.

22. Under the Apply to: drop-down, select the All messages option.

23. For Security Level:, select the Medium option.

24. Select the Approved/Blocked URL List section.

25. Check the box next to the Enable the approved URL list option.

26. Check the box next to the Add internal domains to the approved URL list option.

27. Enter our domains in the text field. 

28. Then, click the Add > button. You can click the Import button to import URLs in batches.

Virtual Analyzer

29. On the left, select Virtual Analyzer.

30. Check the Enable Virtual Analyzer option.

31. Click the Save button.

Once all steps in each section are completed, your new policy will appear under the Advanced Threat Protection tab.