Control Manager and Deep Security Integration

If you have been working with Trend Micro Products you would know about Control Manager. It is used for Centralized Management for Threat and Data Protection. Im Lab I wanted to show a client how Control Manager integrates to Deep Security how to bring those security views into Control Manager.

I setup my lab using the following components and versions :

  • Deep Security : version 9.0.5500
  • Control Manager : version 6.0, build 1327, hot fix 1870 (Basically Patch 4)

First thing I did was to create a Service account that I would use in Deep Security for Control Manager to connect. With this I also had to create a new role. Lets look at this.

Deep Security : New Role

I created a new role called Control Manager and only assigned the Web Services API to this role. I deselected the “Allow Access to UI” as this role do not need that access. See below :

CTM01

Deep Security : New User

Next is to create a new used and assign this role to the user. I set the time zone and password never to expire as this is a service account. See below :

CTM02

Deep Security : Enable SOAP Web Service API

For the Control Manager Widget to work they need access to the SOAP API. This API is disabled by default and you need to enabled it. See below :

CTM03

Control Manager : Adding the Deep Security Server to Control Manager

From Control Manager click on : Administration -> Settings -> Deep Security Management. Here you can add all your Deep Security servers that you have in your environment. The default Port is 4119, but make sure from the API settings in Deep Security. Use the User/Password that you created for before. See below :

CTM04

Control Manager : Adding the widgets

Not that all is done we can add some widgets. I created a new Tab called Deep Security and added some widgets from here. You can configure each widget to either show all the Deep Security Manager or only some that you want to select. See below :

CTM05

Summary

With Control Manager I am able to add my Deep Security Managers and create certain widgets that will show information about the events. Simply said : Single view of Security related events.

You can read more about Deep Security and Control Manager here :

Leave a Reply