Topics on this page
What kind of performance can I expect?
For details on performance, see Performance and scaling.
What happens if a file is found to be malicious?
Can I modify the actions taken on malicious files?
Yes. Out-of-box, File Storage Security tags a malicious file with a
malicioustag, and no further action is taken. After that you can create actions based on the tag assigned to the file.
See the post-scan action sample code GitHub page for actions that can be taken after the scan.
Can I configure scan exclusions? Inclusions?
No. Our current design does not allow you to configure files to be excluded from (or included in) scans.
What anti-malware patterns are used to scan files? Are the patterns updated?
File Storage Security uses Smart Scan patterns to scan the files. Smart Scan is part of a collection of Trend Micro cloud services. Smart Scan's patterns are regularly updated.
How many deployment options are there (AWS, Azure, GCP, etc.)?
Currently we support AWS and Azure, and we plan to add support for other cloud providers soon.
What is being passed to the scanner stack? Is it the whole file?
Only a partial download is done on the file when scanning.
Are file contents sent to the Trend Micro Global Smart Protection Server?
No. Only identification information is sent to the Trend Micro Global Smart Protection Server.
Which regions are supported?
A full list of supported regions is available on the What regions are supported? page.
How do I upgrade my stacks to the latest version?
For upgrade instructions, see Update stacks.
Can I deploy multiple all-in-one stacks across multiple AWS accounts?
Yes. We support multiple stacks which can all be connected to the File Storage Security console. To deploy stacks, see Add stacks.
What permissions do File Storage Security management roles have?
These are the permissions that File Storage Security management roles StorageStackManagementRoleARN and ScannerStackManagementRoleARN will have after File Storage Security has been deployed and configured:
The Lambda functions for my File Storage Security stacks were updated recently. What was updated?
Currently, there are three kinds of updates:
- Lambda code. Currently, there are three Lambda functions in scanner and storage stacks to update. File Storage Security backend updates BucketListenerLambda and PostScanActionTagLambda in storage stacks, and ScannerLambda in scanner stacks as well. The Lambda code change is published in What's New.
- Malware patterns in Lambda layer. File Storage Security backend pushes the latest malware pattern to your ScannerLambda.
- Scanner license. File Storage Security backend updates the license residing in ScannerLambda every week. If you remove your scanner stack from the File Storage Security console, the license will expire and fail to scan four weeks later.
How often can I expect updates?
The Trend Micro backend service pushes malware patterns, the license, and Lambda code updates.
- Malware patterns are updated daily
- The licence is updated weekly
- Lambda code is updated whenever the code is patched; the Lambda code change is published in What's New
If there is a change that requires stack update, by what date do users need to update it?
Stacks have no expiration date, but we strongly recommend that you use the latest version.
Once a stack has been updated, can the stack update be rolled back?
You cannot roll back a stack update.
How can I tell when a stack template was last updated, and what was changed in its update?
To see the revision history for a template, go to our repository on GitHub.com and click the Blame button to see that view.
Why do I see "The license cannot be updated to the scanner stack" when deploying Azure stacks?
During stack deployment, the File Storage Security backend service configures the license to your scanner stack. This requires Azure permissions that can take up to 30 minutes to take effect according to Azure documentation. If you get this error message, try deploying the stack in the File Storage Security console a few minutes later.
Why are there no tags set to the uploaded blobs on Azure?
The functions in the deployed stacks require certain permissions to retrieve scanning events and publish scan results. These permissions can take up to 30 minutes to take effect according to Azure documentation. To mitigate the issue, try uploading the files and monitoring the scan results a few minutes later.