Views:

Stack Management: AWS

File Storage Security is deployed using AWS CloudFormation stacks. One to three stacks will be deployed depending on the solution selected. The collected information is stored in File Storage Security and is used for managing stacks.

Data collected
  • AWS CloudFormation Stack Name:
    • Scanner Stack Name
    • Storage Stack Name
  • AWS S3 Bucket Name
  • AWS Account ID
Console locationFile Storage Security > Stacks > Deploy Stacks

Module state

Back to top

Stack Management: Azure

File Storage Security is deployed using Azure Resource Manager templates. One to two deployments will be run depending on the solution selected. The collected information is stored in File Storage Security and is used for managing stacks.

Data collected
  • Azure Resource Group Resource ID of following two resource group:
    • Scanner stack resource group
    • Storage stack resource group
  • Storage Account Resource ID
  • Azure Subscription Name
  • Azure Tenant ID
Console locationFile Storage Security > Stacks > Deploy Stacks

Module state

Back to top

Stack Management: GCP

File Storage Security is deployed using GCP Deployment Manager templates. One to two deployments will be run depending on the solution selected. The collected information is stored in File Storage Security and is used for managing stacks.

Data collected
  • GCP Deployment Name:
    • Scanner Stack Deployment Name
    • Storage Stack Deployment Name
  • GCP Cloud Storage Bucket Name
  • GCP Project ID
  • GCP Service Account ID
Console locationFile Storage Security > Stacks > GCP > Deploy Stacks

Module state

Back to top

Logging and Monitoring: AWS

This information is stored in File Storage Security and is used for troubleshooting and monitoring. Collection of this information cannot be configured or disabled.

Data collectedData from resources under a protection unit
  • AWS Account ID
  • AWS CloudFormation Stack Information
    • Scanner Stack Name
    • Storage Stack Name
  • Scanner Stack ARN
  • S3 Bucket Name
  • Scanned File Type
  • Scanned File Size
  • Scan Result
  • Scan Engine and Pattern Version
  • Scanned File Etag
  • Scanned File Extension Name
Console locationThis information is stored in the File Storage Security and is used for troubleshooting and monitoring. It cannot be configured or disabled by customer.

Back to top

Logging and Monitoring: Azure

This information is stored in File Storage Security and is used for troubleshooting and monitoring. Collection of this information cannot be configured or disabled.

Data collectedData from resources under a protection unit
  • Azure Tenant ID
  • Azure Subscription Name
  • Azure Resource Group Resource ID of the following two resource group:
    • Scanner stack resource group
    • Storage stack resource group
  • Storage Account Name
  • Blob container name
  • Scanned File Type
  • Scanned File Size
  • Scan Result
  • Scan Engine and Pattern Version
  • Scanned File Extension Name
Console locationThis information is stored in the File Storage Security and is used for troubleshooting and monitoring. It cannot be configured or disabled by customer.

Back to top

Logging and Monitoring: GCP

This information is stored in File Storage Security and is used for troubleshooting and monitoring. Collection of this information cannot be configured or disabled.

Data collectedData from resources under a protection unit
  • GCP Project ID
  • GCP Deployment Name
    • Scanner Stack Deployment Name
    • Storage Stack Deployment Name
  • GCP Cloud Storage Bucket Name
  • Scanned File Type
  • Scanned File Size
  • Scan Result
  • Scan Engine and Pattern Version
  • Scanned File Etag
  • Scanned File CRC32C Checksum
  • Scanned File Extension Name
Console locationThis information is stored in the File Storage Security and is used for troubleshooting and monitoring. It cannot be configured or disabled by customer

Back to top

Scan History: AWS

This information is stored in File Storage Security and is used for displaying the scanned file name on Scan History console. Collection of this information can be disabled by setting “ReportObjectKey” field to “false” when deploying Storage Stacks.

Data collectedData from resources under a protection unit
  • File name (Object key)
Console locationFile Storage Security > Stacks > AWS > Deploy Stacks > Scanner and Storage Stack > Launch Stack > (AWS console) CloudFormation, or File Storage Security > Stacks > AWS > Add Storage > Launch Stack > (AWS console) CloudFormation

Console Setting: ReportObjectKey

Module state

Back to top

Scan History: Azure

This information is stored in File Storage Security and is used for displaying the scanned file name on Scan History console. Collection of this information can be disabled by setting “Report Object Key” field to “No” when deploying Storage Stacks.

Data collectedData from resources under a protection unit
  • File name (Object key)
Console locationFile Storage Security > Stacks > Azure > Deploy Stacks > Scanner and Storage Stack > Launch Stack > (Azure portal) Custom deployment, or File Storage Security > Stacks > Azure > Add Storage > Launch Stack > (Azure portal) Custom deployment

Console Setting: ReportObjectKey

Module state

Back to top

File Scanning

This information is sent to Trend Micro Global Smart Scan Server when a file scan occurs and enables File Storage Security to identifies malicious file hashes.

In the smart scan solution, clients send file hashes determined by Trend Micro technology to Smart Scan Servers. Clients never send the entire file and the risk of the file is determined using the file hashes.

Data collected
  • File hashes (CRC)
Console SettingsCollection of this information cannot be configured or disabled.

Back to top

Comments (0)