The Trend Micro Vision One Service Gateway can provide multiple functions and would need to be deployed on the environment.

For details how to deploy the Service Gateway, you may refer to this online help article.

Pre-requisites

• Cloud One is integrated with Trend Micro Vision One
• Access to both Cloud One and Trend Micro Vision One Console
• Deployed and Registered Service Gateway

To enable a service in Service Gateway

1. Login to the Trend Micro Vision One Console. 
2. Go to the Workflow and Automation and select Service Gateway Management.
3. Find and click the deployed Service Gateway and click the Manage Services button. 
4. On the list, you will find the different services that can be installed with the Service Gateway.

   

   ^{Click the image to enlarge.}

5. Once the service installation is complete, the Service Name will be listed in Installed Services with Enabled and Healthy status

   

   ^{Click the image to enlarge.}

How to enable Forward Proxy

This service allows the DS agent to be able to connect to query services such as the Smart Protection Network via the Service Gateway. 

1. From the Service Gateway Management, Download and Install the Forward Proxy service.
2. From the Cloud One Console, go to Administration > System Settings > Proxies tab > Proxy Servers, verify that the proxy settings has synched and is visible on the list.

   

   ^{Click the image to enlarge.}

3. Once the forward proxy settings sync to the Enpoint & Workload Security, the agent will receive the settings on next policies check.

How to enable ActiveUpdate Service

This service allows the DS agent to connect to the update source for daily Security Update via the Service Gateway.

1. From the Cloud One - Endpoint and Workload Security, take note of the update source, under  Administration > System Settings > Updates > Security Updates > Primary Security Update Source > Trend Micro Update Server

   The default url is https://ipv6-iaus.trendmicro.com/iau_server.dll/

2. From the Service Gateway Management, Download and Install the ActiveUpdate service.
3. Once the service is installed, click the gear icon beside Connection Status of the ActiveUpdate Service to be able to configure it.
4. On the ActiveUpdate Service Configuration Window, Click +Add and paste the url in the URL field and add a description. Click the Check once done.

   

   ^{Click the image to enlarge.}

5. On the same window, under ActivateUpdate URL, Select the appropriate Protocol and Type. For the Update source, select the URL that you just added.
6. Click Generate and the new url will be generated. Copy the URL.

   

   ^{Click the image to enlarge.}

7. Login in the Cloud ONe Console and go to Administration > System Settings > Updates > Security Updates > Primary Security Update Source
8. Update the Update Source with the new URL from Step 6. and then Click Save.

   

   ^{Click the image to enlarge.}

How to enable Smart Protection Services

This service enables the Service Gateway to act as a local Smart Protection Server.

1. From the Service Gateway Management, Download and Install the Smart Protection Services.
2. Once the service is installed, click the gear icon beside Connection Status of the Smart Protection Services to be able to copy the URL for File and Web Reputation Services.
3. Login to the Cloud One - Endpoint & Workload Security console and update the Smart Protection Server. 

   Note: You can do it either via Computer Level or Policy Level. 

4. Open the Policy Properties or Computer Properties, and Go to Anti-Malware > Smart Protection Tab
5. Under the Smart Protection Server for File Reputation Service, Update the option to Use locally installed Smart Protection Server and add the URL

   

   ^{Click the image to enlarge.}

6. Click Add and then Click Save.
7. On the Policy Properties or Computer Properties, and Go to Web Reputation > Smart Protection Tab

   

   ^{Click the image to enlarge.}

8. Click Add and then Click Save.