Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Adding NSX Security Policy for Deep Security Virtual Appliance (DSVA)

    • Updated:
    • 8 Sep 2015
    • Product/Version:
    • Deep Security 9.5
    • Deep Security 9.6
    • Platform:
    • Amazon AMI 32-bit
    • Amazon AMI 64-bit
    • CentOS 5.4 32-bit
    • CentOS 5.4 64-bit
    • CentOS 5.5 32-bit
    • CentOS 5.5 64-bit
    • CentOS 5.6 32-bit
    • CentOS 5.6 64-bit
    • CentOS 5.7 32-bit
    • CentOS 5.7 64-bit
    • CentOS 5.8 32-bit
    • CentOS 5.8 64-bit
    • CentOS 6 32-bit
    • CentOS 6 64-bit
    • CentOS 6.1 32-bit
    • CentOS 6.1 64-bit
    • CentOS 6.2 32-bit
    • CentOS 6.2 64-bit
    • HPUX 11.x
    • IBM AIX 6.1
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - Red Hat RHEL 6 64-bit
    • Linux - SuSE 10
    • Linux - SuSE 10 64-bit
    • Linux - SuSE 11
    • Linux - SuSE 11 64-bit
    • Oracle Linux 5 32-bit
    • Oracle Linux 5 64-bit
    • Oracle Linux 6 32-bit
    • Oracle Linux 6 64-bit
    • Oracle Solaris 11 SPARC
    • Oracle Solaris 11 x86
    • Ubuntu 10.04 64-bit
    • Ubuntu 12.04 64-bit
    • Unix - Solaris (Sun) version 10 (SunOS 5.10)
    • Unix - Solaris (Sun) version 9 (SunOS 5.9)
    • Windows 2003 Server R2
    • Windows 2003 Small Business Server
    • Windows 2003 Small Business Server R2
    • Windows 2008 Enterprise
    • Windows 2008 Enterprise 64-bit
    • Windows 2008 Essential Business Server
    • Windows 2008 Server Core
    • Windows 2008 Server Foundation
    • Windows 2008 Server R2
    • Windows 2008 Server R2 Datacenter
    • Windows 2008 Server R2 Enterprise
    • Windows 2008 Server R2 with Hyper-V(TM)
    • Windows 2008 Small Business Server
    • Windows 2008 Standard
    • Windows 2008 Standard 64-bit
    • Windows 2012 Datacenter R2
    • Windows 2012 Enterprise
    • Windows 2012 Server Essential R2
    • Windows 2012 Server Foundation R2
    • Windows 2012 Standard R2
    • Windows 8.1 32-bit
    • Windows 8.1 64-bit
    • Windows Vista 32-bit
    • Windows Vista 64-bit
    • Windows XP Professional
    • Windows XP Professional 64-bit
Summary

Create a security policy for DSVA in your NSX manager. This is necessary for you to manage the security of the virtual machines (VMs) in your data center.

Details
Public

To create NSX Security Policy with Deep Security enabled as both Endpoint Service and Network Introspection service:

  1. On your vSphere Web Client, go to Home > Networking & Security > Service Composer.
  2. Select the Security Policies tab and click the New Security Policy icon.

    New Security Policy icon

  3. Enter a name for the new policy.

    Name and Description for policy

  4. Click Next.
  5. Click the green plus sign (+) to add an Endpoint Service.
  6. Provide a name for the Endpoint Service and leave the following default settings:
    • Action: Apply
    • Service Type: Anti Virus
    • Service Name: Trend Micro Deep Security
    • Service Configuration: Deep Security Profile Configuration
    • State: Enabled
    • Enforce: No

    Edit Endpoint Service

  7. Click OK, and then click Next.
  8. Do not make any changes on the Firewall Rules, and click Next.
  9. On the Network Introspection Services option, add two (2) services, an outbound and an inbound traffic.
    1. Click the green plus sign (+) to create a new outbound service.
    2. Enter a name, which includes the word "Outbound", for the service.
    3. Configure the following settings for the Outbound service:
      • Action: Redirect to service
      • Service Name: Trend Micro Deep Security
      • Profile: Name of the service profile you created earlier
      • Source: Policy's Security Groups
      • Destination: Any
      • Protocol: Any
      • State: Enabled
      • Log: Do not log

      Outbound service configuration

    4. Create the inbound service by clicking the green plus sign (+).
    5. Provide a name, which includes the word "Inbound".
    6. Configure the following settings for the Inbound service:
      • Action: Redirect to service
      • Service Name: Trend Micro Deep Security
      • Profile: Name of the service profile created earlier
      • Source: Any
      • Destination: Policy's Security Groups
      • Protocol: Any
      • State: Enabled
      • Log: Do not log

      Inbound service configuration

  10. Click OK on the Add Network Inspection Service window.
  11. Click Finish to complete and close the New Security Policy window.
Premium
Internal
Rating:
Category:
Configure
Solution Id:
1104431
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.