This article describes how Trend Micro hardens SPS to fulfill its security requirements.
Trend Micro SPS uses HTTPS for web console & provides SSH access to the server. In HTTPS communication, SPS removes some unsafe ciphers and uses TLS to communicate with.
By default, Trend Micro SPS only allows reputation services ports (FRS/WRS) and blocks all access from outside by firewall.
Trend Micro SPS is based on CentOS which is maintained by RedHat. If RedHat announces any vulnerabilities that impact Trend Micro SPS, we will follow the solution to resolve vulnerabilities by hot fix after evaluation.
Restricted user access
Trend Micro SPS uses non-root account to execute the command and binary files.
Patch/Hot Fix file verification
Trend Micro SPS uses the digital signature to verify if the patch/hot fix is released by Trend Micro.
Minimize installed packages
Trend Micro SPS removes unnecessary packages to avoid vulnerabilities and minimize risk in packages.