Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files, release notes, and the latest version of the applicable user documentation, which are available from the Trend Micro Web site at: http://www.trendmicro.
Table of Contents About Deep Security ....................................................................................................................................................................... 4 Installation Checklist....................................................................................................................................................................... 6 Deep Security Licensing on AWS Marketplace .....................................................................
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) About Deep Security About Deep Security Deep Security is designed to run on and with Amazon Web Services. It provides advanced server security for physical, virtual, and cloud servers, makes it fast and easy to secure EC2 and virtual, private, cloud (VPC) instances. Management of security is performed from an integrated administrative console that automatically provides a single up-to-date view of your security posture in the AWS environment.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) About Deep Security Enables compliance with PCI Requirement 6.6 for the protection of web applications and the data that they process. Defends against SQL injections attacks, cross-site scripting attacks, and other web application vulnerabilities. Shields vulnerabilities until code fixes can be completed. Identifies malicious software accessing the network Increases visibility into, or control over, applications accessing the network.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installation Checklist Installation Checklist Complete the tasks in this checklist to install Deep Security Step 1. 2. Task Decide which type of licensing you will use Marketplace (page 7) Check Permissions and properly Communication (page 8) Install and configure a database for use with Deep Security 4. Install Deep Security Manager 5.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Deep Security Licensing on AWS Marketplace Deep Security Licensing on AWS Marketplace On the AWS Marketplace, there are two licensing options for Deep Security: • BYOL: Bring-Your-Own-License (BYOL) is for customers who have already obtained a license to use Deep Security 9.5 SP1. If you are using this type of license, you will need to enter the License string/activation code in the Deep Security Manager console after it is installed.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Check Permissions and Communication Check Permissions and Communication AWS Credentials You will need to know your AWS account credentials. Administrator/Root Privileges You need to have Administrator/Root privileges on the computers on which you will install Deep Security software components. SMTP Server You will need an SMTP server to send alert emails. The DSM uses Port 25 by default for connection to the SMTP Server.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Database Deployment Considerations Database Deployment Considerations Before installing Deep Security Manager, you must install a database. You can install your own database or you can use the Amazon RDS Management Console to create a database instance. You can use a Microsoft SQL RDS or an Oracle RDS. Refer to the Amazon RDS Documentation for instructions, but keep the following considerations in mind for integration with Deep Security.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Database Deployment Considerations • The database account used by the Deep Security Manager must have db_owner rights. • If using Multi-Tenancy, the database account used by the Deep Security Manager must have dbcreator rights. (For information on Multi-Tenancy, see Multi-Tenancy (page 0).) • Select the "simple" recovery model property for your database. (See http://technet.microsoft.com/en-us/library/ms189272.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing the Deep Security Manager Installing the Deep Security Manager Deploy an Instance To access the Deep Security AMIs, go to the AWS Marketplace and search for Deep Security. You will see the PPU and BYOL AMIs. Select the appropriate AMI. This displays a page that describes the product and pricing information. Click Continue. On the next page, you can select other options and launch your instance.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) 8. Note: Installing the Deep Security Manager When the installation is complete, the Deep Security Manager console will be displayed. You can log in with the username and password that you specified during the Deep Security Manager installation process. Note the URL used to access the Deep Security Manager console.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing the Deep Security Manager 1. In the Deep Security Manager console, go to Administration > System Settings > Agents > Agent-Initiated Activation. 2. Ensure that Allow Agent-Initiated Activation is selected. 3. Ensure that Allow Agent to specify hostname is selected. 4. Click Save.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing the Deep Security Manager 2. Select the platform to which you are deploying the software. Platforms listed in the drop-down menu will correspond to the software that you have imported into the Deep Security Manager from the Trend Micro Download Center. 3. Select Activate the Agent Automatically. (Agents must be activated by the Deep Security Manager before a protection Policy can be implemented.) 4.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Upgrading the Deep Security Manager Upgrading the Deep Security Manager Note: We strongly recommend backing up your database before proceeding with the upgrade. Note: If you are running Deep Security Manager on multiple nodes, decommission all but one of the nodes, upgrade the remaining node, and then add new nodes, as required. To upgrade Deep Security Manager: 1.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Add Amazon EC2 Resources to Deep Security Manager Add Amazon EC2 Resources to Deep Security Manager Once you have imported the resources from the Cloud Provider account into the Deep Security Manager, the computers in the account are managed like any computer on a local network. To import cloud resources into their Deep Security Manager, Deep Security Users must first have an account with which to access the cloud provider service resources.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Add Amazon EC2 Resources to Deep Security Manager 8. Click Create New Users to display the Create User page. 9. Enter a username and select the Generate an access key for each User option. 10. click Download Credentials to download the generated User Security credentials (Access Key and Secret Key) and then close the dialog window. 11.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Add Amazon EC2 Resources to Deep Security Manager 4. Upon successfully importing the Cloud Provider resources, the wizard will display the results of the action. 5. The Amazon AWS resources now appear in the Deep Security Manager under their own branch under Computers in the navigation panel.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing Deep Security Agents Installing Deep Security Agents This section describes how to install and activate Deep Security Agents and how to enable Relay functionality (if required). Importing Agent Software A Deep Security Agent is initially installed with core functionality only. It is only when a Protection Module is enabled on an Agent that the plug-ins required for that module are downloaded and installed.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) 3. Note: Installing Deep Security Agents Save the Agent installer to a local folder. Only use the exported Agent installer package (the .msi or the .rpm file) on its own to install the Deep Security Agent. If you extract the full Agent zip package and then run the Agent installer from the same folder that holds the other zipped Agent components, all the Security Modules will be installed (but not turned on).
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing Deep Security Agents 4. Ready to install Trend Micro Deep Security Agent: Click Install to proceed with the installation. 5. Completed: when the installation has completed successfully, click Finish. The Deep Security Agent is now installed and running on this computer, and will start every time the machine boots. Note: During an install, network interfaces will be suspended for a few seconds before being restored.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) 3. Installing Deep Security Agents The Deep Security Agent will start automatically upon installation. Installing the Ubuntu Agent Follow the instructions under "Importing Agent Software" (above) to import the appropriate Ubuntu Agent software package from the Download Center to Deep Security Manager and then export the installer (.deb file). To install on Ubuntu, copy the installer file (.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing Deep Security Agents Note: The Deployment Script Generator can also be started from the menu bar on the Administration > Updates > Software > Local page. Note: The deployment scripts generated by Deep Security Manager for Windows Agents must be run in Windows Powershell version 2.0 or later.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing Deep Security Agents Activating the Agent The Agent must be activated from the Deep Security Manager before it can be configured to act as a Relay or to protect the host computer. To activate the newly installed Agent: 24 1. In the Deep Security Manager, go to the Computers page and click New > New Computer... to display the New Computer Wizard. 2. Enter the hostname or IP address of the computer.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Installing Deep Security Agents Enabling Relay Functionality Any activated 64-bit Windows or Linux Agent can be configured to act as a Relay, downloading and distributing Security and Software Updates. Note: Once enabled on an Agent, Relay functionality cannot be disabled. To enable Relay functionality: 1.
Appendices
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) System Requirements System Requirements Deep Security Manager Deep Security Manager is available as an AWS Marketplace Linux Instance. • Web Browser: Firefox 24+, Internet Explorer 9.x, Internet Explorer 10.x, Internet Explorer 11.x, Chrome 33+, Safari 6+. (Cookies enabled.) ◦ Monitor: 1024 x 768 resolution at 256 colors or higher Database Deep Security Manager requires a database.
Deep Security 9.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Deep Security Manager Performance Features Deep Security Manager Performance Features Performance Profiles Deep Security Manager uses an optimized concurrent job scheduler that considers the impacts of each job on CPU, Database and Agent. By default, new installations use the "Aggressive" performance profile which is optimized for a dedicated Manager. The performance profile can be changed by navigating to Administration > Manager Nodes.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Creating an SSL Authentication Certificate Creating an SSL Authentication Certificate The Deep Security Manager creates a 10-year self-signed certificate for the connections with Agents, Relays, and Users' web browsers. However, for added security, this certificate can be replaced with a certificate from a trusted certificate authority (CA). (Such certificates are maintained after a Deep Security Manager upgrade.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) 13. Creating an SSL Authentication Certificate Run the following command to view the certificate chain in you keystore: opt\dsm\jre\bin# keytool -list -v 14. Copy the .keystore file from your user home directory .\root\ to \opt\dsm\ 15. Open the configuration.properties file in folder C:\Program Files\Trend Micro\Deep Security Manager. It will look something like: keystoreFile= opt\\\dsm\\\.
Deep Security 9.5 SP1 Installation Guide (AWS Marketplace) Connecting to your instance via SSH Connecting to your instance via SSH The AWS Marketplace version of Deep Security Manager is installed on AWS Linux. To connect to your Deep Security Manager instance via SSH, please refer to these instructions from Amazon: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html. Note that the username for the Deep Security Manager instance is "trend", and not "root" or "ec2-user".
