Trend Micro Vision One has an ability to do detection and response across email, endpoints, servers, cloud workloads and network via a single Trend Micro Vision One platform.

Trend Micro Vision One sits on top of relevant Trend Micro products in a customers’ environment, and offers expert security analytics for alert correlation, and consolidated visibility and investigation of events across security layers, leading to earlier detection and faster response.

Recommendation

Trend Micro Vision One offers a lot of capabilities such as early detection and response, getting greater context for greater understanding, etc. across multiple products. So if you use Trend Micro Vision One, Trend Micro recommends to connect DDI to Trend Micro Vision One to fully utilize Trend Micro Vision One functionality.

Configuration

There are 2 ways to connect DDI to Trend Micro Vision One:

• Scenario 1: Trend Micro Vision One integration using Deep Discovery Director (DDD) On-Premises

  • Prepare DDI and DDD On-Premises to integrate with Trend Micro Vision One.
  • DDD On-Premises can connect to Deed Discovery Director-Network Analytics SaaS (DDDNASaaS) which is located in Trend Micro Cloud side.

• Scenario 2: Trend Micro Vision One integration using Deep Discovery Director (DDD) Cloud

  • Prepare DDI and connect it to DDD Cloud version which is located in Trend Micro Cloud side to integrate with Trend Micro Vision One.
  • DDD Cloud can connect to Deed Discovery Director-Network Analytics SaaS (DDDNASaaS) in the backend.
   

  DDDNASaaS is also referred as “Trend Micro Vision One Addon”, it provides advanced threat analysis for data correlations made between detections selected in DDD and other related events as they occur over time.