Object Synchronization (Active Directory on-premises)

Description

The Active Directory Connector service running at Service Gateway appliance can help send objects and activity data from an on-premises Active Directory server to Trend Vision One.
Customer can disable this service via Trend Vision One Service Gateway Inventory to disable this behavior.

Data Collected

User of on-premises active directory
Group of on-premises active directory
Device of on-premises active directory
Volume of on-premises active directory
IP address of on-premises active directory server
FQDN of on-premises active directory server
Login account and password of on-premises active directory server

Console Location

Administration > Third-Party Integration > Active Directory (on-premises)

Inventory Management > Service Gateway Inventory > Configure settings

Log Forwarding (Active Directory on-premises)

Description

When customer enables log forwarding agent, it can help forward logs from supported products to Trend Micro.

Data Collected

Windows security event log of on-premises active directory
IP address of on-premises active directory server
FQDN of on-premises active directory server
Operating system information of on-premises active directory server

Console Location

Administration > Third-Party Integration > Active Directory (on-premises)
Install active directory log collector agent in Active Directory (on-premises) server.

Object Synchronization (Microsoft Entra ID)

Description

When customer grants permission to access Microsoft Entra ID, the Microsoft Entra ID connector can help to synchronize objects from Microsoft Entra ID to Trend Vision One.

Data Collected

User of Microsoft Entra ID
Group of Microsoft Entra ID

Console Location

Administration > Third-Party Integration > Microsoft Entra ID

Object Synchronization (Google Cloud Identity)

Description

Grants Trend Micro permission to access your Google Cloud Identity data in order to gain deeper insight regarding internal user accounts and devices that contribute to risk analyses.

Data Collected

User information
- Customer ID
- Google user ID
- Account information (googleAccountId, creationTime, lastLoginTime)
- Account status (suspended, archived, changePasswordAtNextLogin, isMailboxSetup, includeInGlobalAddressList)
- User profile (primaryEmail, userDisplayName, givenName, familyName, emails, languages, address, aliases, nonEditableAliases)
- Admin information (isAdmin, isDelegatedAdmin)
- Recovery information (recoveryEmail, recoveryPhone)
- Organization information (organizations, orgUnitPath, memberOf, transitiveMemberOf)
Group information
- CustomerId
- GoogleGroupId
- Email
- Name
- DirectMemberCount
- Description
- AdminCreated
- NonEditableAliases
- MemberOf
Mobile device information
- Device information (resourceId, deviceId, model, brand, type, serialNumber, imei, meid, defaultLanguage, supportsWorkProfile, manufacturer, releaseVersion)
- Device status (status, deviceCompromisedStatus, unknownSourcesStatus, developerOptionsStatus, adbStatus)
- Owner information (name, email, managedAccountIsOnOwnerProfile, otherAccountsInfo)
- Sync time (firstSync, lastSync)
- Network information (wifiMacAddress, networkOperator, basebandVersion)
- OS information (os, userAgent, buildNumber, kernelVersion)
- Hardware information (hardwareId, hardware)
- Applications
- Security (securityPatchLevel, encryptionStatus, devicePasswordStatus, bootloaderVersion, privilege)
ChromeOS device information
- Device information (deviceId, serialNumber, model, meid, orderNumber, bootMode,etag, manufactureDate)
- Device status (status, supportEndDate, willAutoRenew, activeTimeRanges, autoUpdateExpiration, deprovisionReason, lastDeprovisionTimestamp)
- Owner information (annotatedUser, annotatedLocation, annotatedAssetId, notes)
- User information (recentUsers, orgUnitPath, orgUnitId)
- Sync time (lastSync, firstEnrollmentTime, lastEnrollmentTime)
- Network information (macAddress, ethernetMacAddress, lastKnownNetwork, ethernetMacAddress0, dockMacAddress)
- OS information (osVersion, firmwareVersion, platformVersion, tpmVersionInfo, osUpdateStatus, bootMode)
- Hardware information (diskVolumeReports, systemRamTotal, systemRamFreeReports, cpuStatusReports, cpuInfo )
- Device Files: read-only for name, type, downloadUrl and createTime (deviceFiles, screenshotFiles)

Console Location

Workflow and Automation > Third-Party Integration > Google Cloud Identity

Trend Vision One Common Directory Data Collection Notice

Product / Version includes:

Trend Vision OneAll

Last updated: 2023/11/15

Solution ID: KA-0015569

Category: SPEC

Summary

Trend Micro Vision One Common Directory includes the following modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the personal data collection by disabling specific modules. Modules that cannot be disabled are indicated below.

Object Synchronization (Active Directory on-premises)
Description	The Active Directory Connector service running at Service Gateway appliance can help send objects and activity data from an on-premises Active Directory server to Trend Vision One. Customer can disable this service via Trend Vision One Service Gateway Inventory to disable this behavior.
Data Collected	User of on-premises active directory Group of on-premises active directory Device of on-premises active directory Volume of on-premises active directory IP address of on-premises active directory server FQDN of on-premises active directory server Login account and password of on-premises active directory server
Console Location	Administration > Third-Party Integration > Active Directory (on-premises) Inventory Management > Service Gateway Inventory > Configure settings

Log Forwarding (Active Directory on-premises)
Description	When customer enables log forwarding agent, it can help forward logs from supported products to Trend Micro.
Data Collected	Windows security event log of on-premises active directory IP address of on-premises active directory server FQDN of on-premises active directory server Operating system information of on-premises active directory server
Console Location	Administration > Third-Party Integration > Active Directory (on-premises) Install active directory log collector agent in Active Directory (on-premises) server.

Object Synchronization (Microsoft Entra ID)
Description	When customer grants permission to access Microsoft Entra ID, the Microsoft Entra ID connector can help to synchronize objects from Microsoft Entra ID to Trend Vision One.
Data Collected	User of Microsoft Entra ID Group of Microsoft Entra ID
Console Location	Administration > Third-Party Integration > Microsoft Entra ID

Object Synchronization (Google Cloud Identity)
Description	Grants Trend Micro permission to access your Google Cloud Identity data in order to gain deeper insight regarding internal user accounts and devices that contribute to risk analyses.
Data Collected	User information Customer ID Google user ID Account information (googleAccountId, creationTime, lastLoginTime) Account status (suspended, archived, changePasswordAtNextLogin, isMailboxSetup, includeInGlobalAddressList) User profile (primaryEmail, userDisplayName, givenName, familyName, emails, languages, address, aliases, nonEditableAliases) Admin information (isAdmin, isDelegatedAdmin) Recovery information (recoveryEmail, recoveryPhone) Organization information (organizations, orgUnitPath, memberOf, transitiveMemberOf) Group information CustomerId GoogleGroupId Email Name DirectMemberCount Description AdminCreated NonEditableAliases MemberOf Mobile device information Device information (resourceId, deviceId, model, brand, type, serialNumber, imei, meid, defaultLanguage, supportsWorkProfile, manufacturer, releaseVersion) Device status (status, deviceCompromisedStatus, unknownSourcesStatus, developerOptionsStatus, adbStatus) Owner information (name, email, managedAccountIsOnOwnerProfile, otherAccountsInfo) Sync time (firstSync, lastSync) Network information (wifiMacAddress, networkOperator, basebandVersion) OS information (os, userAgent, buildNumber, kernelVersion) Hardware information (hardwareId, hardware) Applications Security (securityPatchLevel, encryptionStatus, devicePasswordStatus, bootloaderVersion, privilege) ChromeOS device information Device information (deviceId, serialNumber, model, meid, orderNumber, bootMode,etag, manufactureDate) Device status (status, supportEndDate, willAutoRenew, activeTimeRanges, autoUpdateExpiration, deprovisionReason, lastDeprovisionTimestamp) Owner information (annotatedUser, annotatedLocation, annotatedAssetId, notes) User information (recentUsers, orgUnitPath, orgUnitId) Sync time (lastSync, firstEnrollmentTime, lastEnrollmentTime) Network information (macAddress, ethernetMacAddress, lastKnownNetwork, ethernetMacAddress0, dockMacAddress) OS information (osVersion, firmwareVersion, platformVersion, tpmVersionInfo, osUpdateStatus, bootMode) Hardware information (diskVolumeReports, systemRamTotal, systemRamFreeReports, cpuStatusReports, cpuInfo ) Device Files: read-only for name, type, downloadUrl and createTime (deviceFiles, screenshotFiles)
Console Location	Workflow and Automation > Third-Party Integration > Google Cloud Identity

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Trend Vision One Common Directory Data Collection Notice

Trend Vision One Common Directory Data Collection Notice

Product / Version includes:

Summary