Deep Security 9 Part 3: The Deep Security Manager

Deep Security 9 Part 3: The Deep Security Manager

In part 1 we installed the VMware vShield part which is needed to get Trend Micro Deep Security up and running. In part 2 we created a database instance that will be used by the Deep Security Manager (DSM). In this part we’ll focus on the installation of the DSM itself. The DSM is the management interface used to manage and monitor the Deep Security environment. You will use this to deploy Deep Security Virtual Appliance (DSVA) instances as well as creating scan profiles, monitor the Deep Security infrastructure and more.

Let’s install the DSM now, first we’ll need to make sure we’ll have the right software (can be downloaded here):

After you’ve downloaded and extracted the Deep Security Manager files, doubleclick on the manager execution file


The Setup will start and in the Welcome screen Click Next


In the License Agreement screen select I accept.. and then click Next


In the Select Destination Directory screen Browse to the destination folder and Click Next


In the database screen select and setup the right Database setup (as created in part 2) and click Next


In the License screen provide your License activation code and press Next


In the Adress and Ports screen provide the FQDN of the DSM and click Next


In the credentials screen Provide a Username (MasterAdmin is standard) and a password and click Next


In the security update window leave the defaults and click Next


In the Co-located Relay screen select Yes and include AntiMalware and click Next


In the Smart Protection Network screen Enable Trend Micro Smart Feedback and click Next


In the confirm Settings click finish to install the DSM


After the installation is finished open a browser and browse to the FQDN (httpS:// of the DSM in the logon screen provide the username and password to log in to the DSM


After Login the DSM interface will look like this


In Part 4 we’ll install a Deep Security Virtual Appliance (DSVA). See you there 😉 And if you have any question please let me know.

Read More
Deep Security 9 Part 2: The Database

Deep Security 9 Part 2: The Database

Yesterday in the first part of this blog series on installing Trend Micro Deep Security 9 we installed the VMware vShield Manager as well as the vShield Endpoint on the hosts in our environment. The last prerequisite is the setup of the database for the DSM. This Database can be an Microsoft SQL or Oracle Database. While installing the Deep Security Manager you’ll have the option to install a build in that will only be able to support about 10 VM’s…..

The Database will grow fast, and an Microsoft SQL Express Database which has a limit of 4GB will be suitable for about 50 VM’s. Take that in mind when you’re doing a Proof of concept an thinking about using this kind of database.

With all that being said, let’s setup a database for the Deep Security Manager (I’ll use SQL2012 in this case):

Open the Microsoft SQL server management Studio:


In the Connect to Server windows choose your authentication method and press Connect:


Right Click on Databases and select New Database:


Provide a name for the database, select a database owner and press OK (leave the rest default):


If everything went well the database will be created and show in the Databases tab:


This step is the last one needed to begin the install of the Trend Micro Deep Security Manager. See you next time, and again when ever you have questions please feel free to contact me 😉

Read More
Deep Security 9 Part 1: Installing the vShield Manager and Endpoint

Deep Security 9 Part 1: Installing the vShield Manager and Endpoint

Installing Deep Security is not that hard. In this post I’ll walk you through the first step of getting Deep Security up and running in your virtual environment. The installation of vShield Manager.

In order to get Trend Micro Deep Security running a couple of prerequisites need to be in place. The prerequisites that need to be in place are:

  • The vShield Manager
  • The vShield Endpoint (installed on every host)
  • A Database (SQL or Oracle)

Let’s start with installing the vShield Manager. In order to this you’ll have to download the vShield Manager here. After the download is done, open vCenter and go to File –> Deploy OVF Template (Press picture for larger image)


In the Source window Click Browse


Browse to the vShield Manager OVA file and Open it


Click Next in the Source window


In the OVF Template Details click Next


In the End User License Agreement click Accept and click Next


In the Name and Location window Provide a vSM name and click Next


In the Host / Cluster window select the Cluster you want the vSM to be in and click Next


In the Specify a Specific Host select a host and click Next


In the Storage window choose the datastore you want to use and click Next


In the Disk Format window choose the format you want to use and click Next


In the Ready to Complete window Select Power on after Deployment and Press Finish


The deployment of the OVF will start and after this is complete open the vSM Console window




To log in to vSM use the Default username: admin and password: default

  • Provide a IP Address
  • Subnet Mask
  • Default gateway
  • Primary (and secondary) DNS


Open a webbrowser and surf to the IP address you just provided for the vSM

Log in with the admin account (user: admin pw: default)

Edit the vCenter Server settings so the vSM is able to communicate with the vSphere environment


The installation of the vSM is now done. To install vShield Endpoint on the hosts perforn these steps

In vSM browse to the host you want vShield Enpoint to be installed on and click Install


In the next we’ll install the Trend Micro Deep Security Manager. If you have questions, please don’t hesitate to reach out to me.

Read More
Installing VMware vShield 5 Endpoint Driver on vSphere 5 VM’s

Installing VMware vShield 5 Endpoint Driver on vSphere 5 VM’s

In this blog post written yesterday I explained how to install the VMware vShield 1.0 Endpoint driver on VM’s in a vSphere 4.x environment. VMware made the process to install the driver a lot easier (at least the way to find the installation file ;-)) through adding the installation file to the VMtools installation procedure.

Make sure not to install the vShield 5 installations on a vSphere 4.x environment. The API’s changed to much to get Trend Micro up Deep Security and running when you do this.

To install the vShield 5 Endpoint Driver perform the following steps:

  • To install the vShield 5 Endpoint Driver you need to make sure the VMtools CD is connected:
  • Slide2
  • After you’ve connected the VMtools CD choose the Interactive Tools Upgrade option and press OK:
  • Slide3
  • In the AutoPlay screen press Run setup64.exe:
  • Slide4
  • In the VMware Tools Welcome screen press Next:
  • Slide5
  • In the Program Maintenance screen select Modify and press Next:
  • Slide6
  • In the Custom Setup screen press the + sign VMware Device Drivers:
  • Slide7
  • Scroll down and press the WMCI Driver +, press on the vShield driver Icon and select “this feature will be installed on local hard drive”. After this selection click Next.
  • Slide8
  • In the Ready to Modify the Program screen press modify to install the driver:
  • Slide9

You can check if the installation went well by doing the following steps:

  • Log in to the VMware vShield Manger server via a webbrowser (default user: admin / default password: default):
  • slide10
  • Open the Datacenters Tab, the Cluster Tab and select the ESX host that contains the VM. Open the Endpoint Tab in the right screen and if everything went well the VM will show up in the protected state (if not restart the VM)
  • slide11

That’s it! If you have a question, just ask 😉

Read More
vShield Endpoint Driver installation on vSphere 4.x

vShield Endpoint Driver installation on vSphere 4.x

Implementing a Proof of Concept (PoC) with VMware vSphere 4.1, VMware vShield and Trend Micro Deep security I found out a couple of things the hard way. To make sure you don’t get in the same trouble I had, I will only show the installation of the vShield Endpoint Driver installation.

Very important advice: Don’t install vShield v5 in an vSphere 4.x environment

There are two ways to install the driver into a VM:

  1. Download the latest VMware Endpoint Driver (version 1.0.0 Update 2) and install the driver
  2. Download and connect the latest vSphere 4.1 VMtools ISO and install the driver

This post will be based on the second choice, so make sure to download the the latest VMtools ISO here (download the 32 an 64 bits versions)

  • First we need to make sure the ISO is connected to the VM:


  • In the screen that will popup go to the datastore that contains the ISO files. Selct the ISO and press OK:


  • Open windows explorer and go to the VMware-vShield-Endpoint-Driver on the CD:


  • In the popup screen accept the license agreement and click install:


  • After the install click Finish and restart the VM:


  • Restart the computer

You’re now done with installing the vShield Endpoint Driver installation for VMware vSphere 4.x.

Let me know if you’ve any question.

Read More