Trend Vision One and Cloud Benchmarks

Product / Version includes:

Trend Vision OneAll

Last updated: 2023/03/24

Solution ID: KA-0014159

Category: SPEC , Update

Summary

Several cloud service providers, such as Amazon Web Services (AWS), have benchmarks that you may use for auditing your deployments for security best practices. The following article explains why Trend Vision One deviates from one specific AWS benchmark guideline: limiting IPs to open destinations.

There are several reasons why Trend Vision One does not conform strictly to the abovementioned AWS benchmark guideline:

The AWS Service Gateway outbound rules allow traffic through ports 1024-10000 and common ports 80/443/25/587/465 to any destination rather than limiting to specific IP addresses.
Trend Vision One uses various channels to notify customers of certain events - such as email, webhooks, and others.
Trend Vision One also supports sending alerts to customers' SIEM systems (e.g. Splunk).
Trend Vision One leverages some 3rd party services such as Amazon Simple Email Service.
Your systems' may have a wide range of IPs and ports that are used for various services; several of which may be 3rd party services which utilize dynamic IPs.

Due to this, Trend Vision One's outbound rules are limited to excluding several known ports such as 22, 3389, 445 and 139 among others.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Trend Vision One and Cloud Benchmarks

Trend Vision One and Cloud Benchmarks

Product / Version includes:

Summary