When machines are moved or created in a vMotion or non-persistent VDI deployment, they appear online as "Not Managed". This happens because the activation of new machines needs to be automated to provide continuous antimalware coverage.
You can use the Deep Security Manager (DSM) to create Event-Based Task to activate new machines or vMotioned machines to a protected ESX host.
Do the following:
- Log on to the DSM web console.
- Do the following:
- For Deep Security 7.5, 8.0: Go to System > Tasks > New > New Event-Based Task > Computer Created (by System).
- For Deep Security 9.0 and above: Go to Administration tab > Event-Based Task > New > Computer created by system.
- Enable the Active computer after 0 minutes option.
- Assign Security Profile and then enable the Select the Security Profile option.
- Configure a minimum of one (1) condition.
Trend Micro recommends using "Appliance Protection Available" is "True". This means that if Deep Security Virtual Appliance (DSVA) is online on the ESX host where the virtual machine is created or moved, agentless protection will be automatically activated.Do not use "Appliance Protection Activated".
- Create the Event-Based Task.
- Allow VMware view to generate a new virtual machine upon user login.
- Check the DSM web console. When the new machine goes online, it will activate and assign the security profile that you selected.