Trend Micro Deep Security 9.5 ( Policies and Exclusions ) – Part 8

Pls check my previous blogs for the Trend  DSM , Relay Server , vSheild Endpoint, Filter Driver , DSVA, DSA and SSP Server. In this blog we can see the policy creation and applying it in the VMs with the exclusion list.

To create the Policy in the DSM go to the the Policy tab.

Policies – Click New Policy

Pol1

Give the name for the Policy and we can choose the base policy as inherit or None.

Pol2Pol3

We can place the new policy to the computers directly.

Pol4 pol5

In Case if we choose NO then we need to select the policy from the computer console.

pol6pol7

Next we need to enable the Anti-Malware and other protection on the policy.

pol8

Pol9

Next Remove the Default from the Real-Time Scan option and Select the Malware Scan configuration.Click Edit and create the new Exclusion Rule.

 

Pol10

In Schedule always recommended to have it Every Day All Day option for the Real-Time Scan.

Pol10

Pol11

Select the Files and Folder as per our company scan exclusion policy.

Pol12

Select the Extension Exclusion and the files extensions as per the requirements .

Pol14

Next Select the Actions and choose appropriate actions .

Pol15 Pol16

Once the policy is set then next go the computer and select the computer in which policy have to be applied.

Note that  we can apply the policy to the group of computers also.

Go to the General – Policy – Select the Policy which we created ( TestPolicy )

Pol17 Pol18

 

Next Go to the Action tab and Activate the VM.

activate

act1

We can check the status in the General – Status section which will show the corresponding ESXi and the DSVA information.

1111_censored

 

 

Once the policy is applied , We can see the computers using the policy in the Policy tab.

Pol21

 

Pls check the below KB for excluding UNC Path.

http://esupport.trendmicro.com/solution/en-US/1096634.aspx

 

Scan Caching

Scan Caching improves the efficiency of on-demand scans performed by the Virtual Appliance. It eliminates the unnecessary scanning of identical content across multiple VMs in large VMware deployments.

In addition,

• Integrity Monitoring scan caching speeds up Integrity Monitoring scans by sharing Integrity Monitoring scan results.

• Anti-Malware on-demand caching speeds up scans on subsequent cloned/similar VMs

• Anti-Malware Real-time caching speeds up VM boot and application access time

• Concurrent Scan feature allows further overall scan time improvement by allowing multiple VMs to be scanned concurrently

scan cach

In the next blog we can see the VMtools installation with vShield Endpoint driver installation .

Advertisements
This entry was posted in Trend Micro Deep Security and tagged , , . Bookmark the permalink.

5 Responses to Trend Micro Deep Security 9.5 ( Policies and Exclusions ) – Part 8

  1. Pingback: Trend Micro Deep Security 9.5 ( VMtools Installation with vShield driver) – Part 9 | Techbrainblog

  2. Ollat JC says:

    HI,
    I’m wondering if is it possible to have a hierachy of exclusion files in Deep Security ? for instance you want to exclude C:\temp in every servers and exclude C:\SQLDATA in every MSSQL Server. Thanks for your blog

    Like

  3. Joe says:

    Good Article.. When Trend is synced with Vcenter. Is there a way to exclude a folder of VM’s. So they do not get scanned?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s