If you're utilizing Trend Micro's services, you can whitelist ATTACK Simulator to allow our simulated phishing test emails and training notifications through to your end-users. If you run into issues whitelisting ATTACK Simulator in your Trend Microservices, we recommend reaching out to Trend Micro for specific instructions. 

TABLE OF CONTENTS

• Whitelisting by Domain in Trend Micro
  • Advanced Spam Protection
  • Malware Scanning
  • File Blocking
  • Web Reputation
  • Virtual Analyzer

Whitelisting by Domain in Trend Micro

The whitelisting process is broken down into 5 sections. Each section has its own steps for configuration and must be completed to successfully whitelist ATTACK Simulator. 

Advanced Spam Protection

1. Navigate to the Advanced Threat Protection tab > Add.
2. Select the policy to create based on the service:
   1. Exchange
   2. OneDrive
   3. SharePoint
   4. Box
   5. Dropbox
   6. Google
3. On the left, select Advanced Spam Protection.
4. Check the Enable Advanced Spam Protection option.
5. Select the Approved Header Field section. 
6. Check the box next to the Enable the approved header field option.
7. Enter x-ats-simulation in the Name field, select the Equals option, and type true in the Value field.
8. Select the Rules configuration section.
9. Under the Apply to: drop-down, select the Incoming messages option.
10. For Detection Level:, select the Medium option.

Malware Scanning

1. On the left, select Malware Scanning.
2. Select the Rules configuration section.
3. Under the Apply to: drop-down, select the All messages option.
4. Under Malware Scanning, select Scan all files and check the box next to Scan message body and Enable IntelliTrap. 
5. Select the Action configuration section.
6. For Action:, select the Trend Micro recommendactions option from the drop-down.
7. For Notification:, select the Notify option from the drop-down.
   

File Blocking

1. On the left, select File Blocking and select Enable File Blocking. We recommend keeping File Blocking on because you cannot limit this option to ATTACK Simulator messages. Turning off File Blocking could allow potentially malicious attachments through to your users.

Web Reputation

1. On the left, select Web Reputation.
2. Check the Enable Web Reputation option.
3. Select the Rules configuration section.
4. Under the Apply to: drop-down, select the All messages option.
5. For Security Level:, select the Medium option. 
6. Select the Approved/Blocked URL List section.
7. Check the box next to the Enable the approved URL list option.
8. Check the box next to the Add internal domains to the approved URL list option.
9. Enter our landing page domains in the text field. For the most up-to-date list of our domains, please visit this link.
10. Then, click the Add > button. 

Note: You can click the Import button to import URLs in batches.

Virtual Analyzer

1. On the left, select Virtual Analyzer.
2. Check the Enable Virtual Analyzer option.
3. Click the Save button. 
4. Check the box next to the Enable the approved sender list option.
5. Enter our email domains in the text field. For the most up-to-date list of our domains, please visit this link.
6. Then, click the Add > button.

Note: You can click the Import button to import URLs in batches.

Once all steps in each section are completed, your new policy will appear under the Advanced Threat Protection tab.

Tip: After following these instructions, we recommend setting up a whitelist test to ensure your whitelisting was successful. As a last resource, we suggest reaching out to your service provider for assistance.