Firewall and IPS rules applied to the agent are usually viewed using the DSM console. However, some prefer to view agent configuration while a machine is isolated from the network.
To view the Firewall and IPS rules applied, refer to the appropriate command in DSA and Vulnerability Protection Agent:
Windows
- Connect to the target VP Agent via RDP.
- Launch the Command Prompt as administratot.
- Navigate to the Vulnerability Protection installation directory.
- Type this command to list all IPS rules and save it to a file.
C:\Program Files\Trend Micro\Vulnerability Protection Agent>SendCommand --get GetConfiguration | findstr "<PayloadFilter2" > c:\IPSRules.txt
- Type this command to list all firewall rules and save it to a file.
C:\Program Files\Trend Micro\Vulnerability Protection Agent>SendCommand --get GetConfiguration | findstr "<PacketFilter" > c:\FirewallRules.txt
- Connect to the target Linux Agent (Deep Security Only) via SSH.
- Switch to root.
- Create a temporary folder or any folder to save the result. As an example, \temp\
- Type this command to list all IPS rules and save it to a file.
\opt\ds_agent\SendCommand --get GetConfiguration | findstr "<PayloadFilter2" > \temp\IPSRules.txt
- Type this command to list all Firewall rules and save it to a file.
\opt\ds_agent\SendCommand --get GetConfiguration | findstr "< PacketFilter" > \temp\ FirewallRules.txt
Below is the result: