Installing and activating Deep Security Agent via deployment script in private subnet

    • Updated: 2 Oct 2018
    • Product/Version: Deep Security as a Service 2.0
    • Platform: N/A
Summary

In Deep Security, deployment scripts can be generated to add protection automatically when Amazon Web Services (AWS) instances are added. The deployment scripts can be used with leading operations management tools such as Chef, Puppet, RightScale, OpsWorks, Salt and others. This article focuses on using the AWS User data field in the Advanced Details section to install and activate the agent automatically through a script on an instance in a private subnet.

Details

The following procedure has been tested in the environment specified below:

  • Deep Security Manager: Deep Security as a Service
  • Deep Security Agent: Deep Security Agent 11.0.0-326 for Windows -x86_64 (10.0.1.202)
  • AWS VPC: Public subnet and private subnet; no NAT, proxy only
  • Proxy server: Squid 3.5.27 (Public IP: 13.231.198.161; Private IP: 10.0.0.143) Port 3128

To install and activate the agent:

  1. Register the proxy (Squid Proxy) in Deep Security as a Service Manager and connect the agents, appliances, and relays to security updates via the proxy.
    1. On the console, go to Administration > System Settings.
    2. Select the Proxies tab.
    3. Under the Proxy Server Use section, select Squid Proxy.

  2. Create a policy for the AWS EC2 instance (e.g. Windows Server 2016 policy).

  3. Connect the agents to security services via proxy.
    1. Go to the Settings > General tab.
    2. Under the "Network Setting for Census, Good File Reputation, and Predictive Machine Learning Service" section, select Squid Proxy.

  4. Set up a proxy to the Smart Protection Network for Anti-Malware.
    1. Navigate to the Anti-Malware > Smart Protection tab.
    2. Under the Smart Protection Server for File Reputation Service section, enable "When accessing Global Smart Protection Service, use proxy" and select Squid Proxy from the drop-down list.

  5. Set up a proxy to the Smart Protection Network for Web Reputation.
    1. Navigate to the Web Reputation > Smart Protection tab.
    2. Under the Smart Protection Server for Web Reputation Service section, enable "When accessing Global Smart Protection Service, use proxy" and select Squid Proxy from the drop-down list.

  6. Configure the deployment scripts.
    1. For the Security Policy, choose the policy that you created in Step 2 (e.g. Windows Server 2016).

    2. Select Squid Proxy for both "Proxy to contact Deep Security Manager" and "Proxy to contact Relay(s)".

    3. Click Copy to Clipboard to copy the script; it is used later when creating the AWS EC2 instance.

  7. Launch a new AWS EC2 instance in the private subnet.

  8. In the Advanced Details section, paste the deployment script into the User data field.

  9. Check the Instance ID and verify the Instance State.
  10. Check the Agent status. No manual step is needed to get the agent running.
  11. Double-check the agent status on the host. It should be running as expected.
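
The host-side check in steps 10 and 11 can be scripted on the instance. The PowerShell below is an added example, not part of the original article or of the generated deployment script. It uses the proxy address and port from the tested environment; `dsm.example.invalid` is a placeholder for the manager host in your deployment script's activation URL, and the `ds_agent` service name is an assumption.

```powershell
# Added example: post-launch check, run on the EC2 instance in the private subnet.
param(
    [string]$ProxyHost   = '10.0.0.143',          # Squid private IP from the tested environment
    [int]   $ProxyPort   = 3128,                  # Squid port from the tested environment
    [string]$ManagerHost = 'dsm.example.invalid', # placeholder: host from your script's activation URL
    [int]   $ManagerPort = 443,
    [string]$ServiceName = 'ds_agent'             # assumed Windows service name of the agent
)

function Test-ProxyConnect {
    param([string]$ProxyHost, [int]$ProxyPort, [string]$TargetHost, [int]$TargetPort)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # There is no NAT in this design, so the proxy is the only route out of the subnet.
        $client.Connect($ProxyHost, $ProxyPort)
        $stream = $client.GetStream()
        $stream.ReadTimeout = 10000
        $request = "CONNECT ${TargetHost}:${TargetPort} HTTP/1.1`r`nHost: ${TargetHost}:${TargetPort}`r`n`r`n"
        $bytes = [System.Text.Encoding]::ASCII.GetBytes($request)
        $stream.Write($bytes, 0, $bytes.Length)
        $reader = New-Object System.IO.StreamReader($stream, [System.Text.Encoding]::ASCII)
        $statusLine = $reader.ReadLine()
        # Squid answers "200 Connection established" when the tunnel is allowed
        # and 403 when an ACL denies the destination or port.
        return [pscustomobject]@{ Allowed = ($statusLine -match '^HTTP/1\.[01] 200'); Status = $statusLine }
    }
    catch {
        # Connection refused or timed out: security group, route, or proxy service problem.
        return [pscustomobject]@{ Allowed = $false; Status = $_.Exception.Message }
    }
    finally {
        $client.Close()
    }
}

$tunnel  = Test-ProxyConnect -ProxyHost $ProxyHost -ProxyPort $ProxyPort `
                             -TargetHost $ManagerHost -TargetPort $ManagerPort
$service = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue

# One summary object: proxy path first, then whether the agent service exists and runs.
[pscustomobject]@{
    ProxyTunnelAllowed = $tunnel.Allowed
    ProxyStatusLine    = $tunnel.Status
    AgentServiceState  = if ($service) { $service.Status } else { 'NotInstalled' }
}
```

A denied or failed tunnel together with a missing service usually means the user data script could not download or activate the agent through the proxy, so check the Squid access log and ACLs before relaunching the instance.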
Category: Install
Solution Id: 1121174