Trend Micro Deep Security and Smart Protection

Configuration has yet to be fully verified, Kemp Support will gladly assist if your Trend Micro Deep Security and Smart Protection traffic is not flowing as expected.

 

1   Introduction

Using advanced machine learning technology, Trend Micro stops ransomware so you can enjoy your digital life safely. It also protects against identity theft, viruses, phishing scams, and much more.

http://la.trendmicro.com/media/wp/deep-security-whitepaper-en.pdf 

http://docs.trendmicro.com/en-us/enterprise/officescan-120-server-online-help/getting-started-with1.aspx

1.2  Document Purpose

This section details a configuration for a specific application that has been provided by a customer but has yet to be fully tested.

The purpose of this document is to give readers an overview on the recommended best practice settings when configuring the Trend Micro Deep Security components for load balancing.

Configuration has yet to be fully verified, but Kemp Support will gladly assist if Trend Micro Deep Security or Trend Micro Smart Protection traffic is not flowing as expected.

 

2  Configuration Required

Two Virtual Service required.

Deep Security require a Virtual Service listening on port 4119 and 4120.

Smart Protection require a Virtual Service listening on port 443, 80 and 5274.

 2.1 Global Configuration  

     > No Changes Required

 

2.2  Virtual Service Configuration:

•  Trend Micro Deep Security
•  Smart Protection

 

2.3   Deep Security Virtual Service

      > New Virtual Service

      > Enter IP Address

      > Port = 4119      > Name = Deep Security

> Add New Virtual Service

 2.3.1    Standard Options   

      > Service Type - Generic

      > Disable Transparency

      > Subnet Originating Request = Enable

      > Extra Ports - 4120

      > Server Initiating Protocol - Other Server Initiating

      >  Persistence = Source IP 

      >  Persistence Time = 6 min  

      > Scheduling Method = Least Connection

      >  Idle Connection Timeout = 660  (Default)

 


   2.3.2  Real Servers

      > Checker Parameter Type = HTTPS

      > Check Port = 4119

      > Add New 

      > Enter IP Address

      > Port = 4119

 

2.4  Smart Protection Virtual Service

      > New Virtual Service

      > Enter IP Address

      > Port = 443      > Name = Smart Protection

> Add New Virtual Service

 2.4.1    Standard Options   

      > Service Type - Generic

      > Disable Transparency

      > Subnet Originating Request = Enable

      > Extra Ports - 80, 5274

      > Server Initiating Protocol - Normal Protocols

      >  Persistence = Source IP 

      >  Persistence Time = 6 min  

      > Scheduling Method = Least Connection

      >  Idle Connection Timeout = 660  (Default)

 


   2.4.2   Real Servers

      > Checker Parameter Type = HTTPS

      > Check Port = 443

      > Add New 

      > Enter IP Address

      > Port = 443

 

If you have successfully Load Balanced your Trend Micro Deep Security and Smart Protection environment by implementing this specific configuration, please give a thumbs up or please leave a comment on a possible alteration that was required to make it function. Thank you