Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Understanding how the Smart Protection Server settings work in Deep Security 8.0

    • Updated:
    • 25 Jan 2016
    • Product/Version:
    • Deep Security 8.0
    • Platform:
    • HPUX 11.x
    • IBM AIX
    • Linux - Red Hat RHEL 4 32-bit
    • Linux - Red Hat RHEL 4 64-bit
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - Red Hat RHEL 6 64-bit
    • Linux - SuSE 10
    • Linux - SuSE 11
    • Unix - Solaris (Sun) version 10 (SunOS 5.10)
    • Unix - Solaris (Sun) version 9 (SunOS 5.9)
    • Windows 2003 Enterprise
    • Windows 2003 Standard
    • Windows 2008 Enterprise
    • Windows 2008 Standard
    • Windows 7 32-bit
    • Windows 7 64-bit
    • Windows Vista 32-bit
    • Windows Vista 64-bit
    • Windows XP Professional
    • Windows XP Professional 64-bit
Summary

Learn about the two Deep Security features, WRS and Anti-malware, that use Trend Micro Smart Protection Network.

Details
Public

The information below shows how to set up and configure WRS and Anti-malware features in Deep Security.

Setting up the Smart Protection System Settings

  1. Log on to the Deep Security Manager (DSM).
  2. Go to System > System Settings.
  3. Go to the Anti-malware tab to access the Smart Scan section.

    Deep Security Anti-malware settings

    By default, this feature is enabled (ON) for the Deep Security Agent (DSA) and disabled (OFF) for Virtual Appliance.

Configuring the Smart Protection source

  1. Log on to the Deep Security Manager (DSM).
  2. Go to System > System Settings.
  3. Go to the Smart Protection tab.

    Deep Security Smart Protection settings

    There are a number of settings in this section, but there are three (3) essential options:

    • Global Smart Protection Network

      This setting can be used for machines that are connected to the Internet. It requires that the machine has access to:
      ds8.icrc.trendmicro.com
      ds80-en.url.trendmicro.com

      This is the global server maintained by Trend Micro that is updated when new merging threats are detected. When this setting is selected, the DSA will communicate with these servers to determine if threats exist.

      Smart Protection Server of File Reputation Service

    • Local Smart Protection Server

      In some environments, machines may not have direct Internet access and customers may wish to set up their own local Smart Protection Server. This is a server that is installed in the customer’s environment that is connected to the global Smart Protection Network. Each machine on the network can then connect to the local server for threat detection.

      Use locally installed Smart Protection Server

    • Local Smart Protection Server with Roaming enabled

      In some environments, there may be laptops that go off domain and no longer have connection to the local Smart Protection Server. In this case, administrators may allow access to the global Smart Protection Network when the computer is “off domain”.

      When Roaming option

      The “When Roaming” option is linked closely to the location awareness feature of Deep Security, which means the feature is dependent on the machine on a domain. If you have a machine that is on a domain and you have a local SPS with the “When Roaming” check box enabled, then DSA will check for the domain controller (using an ICMP ping) at a regular interval. If the domain controller is present, DSA will assume that you are on the domain and will continue to use the local SPS. However, if connection to the domain controller cannot be established, the agent will assume that you are “Off domain” and will switch to using global SPS instead.

       
      If you select the “When Roaming” option on a machine that is not part of a domain or a machine that cannot ping the domain controller (because of a firewall rule, for example), then that machine will always use the global SPS. Therefore, this option should only be selected for machines that are part of a domain and have the potential to go off domain (i.e. laptops). It is not meant as a failover in case the local Smart Protection Server fails.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1060327
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.