An Overview of Trend Micro Deep Security Solution Components
Deep Security provides a single platform for server security to protect physical, virtual, and cloud servers
as well as hypervisors and virtual desktops. Tightly integrated modules easily expand to offer in-depth
defenses, including anti-malware, web reputation, intrusion prevention, firewall, integrity monitoring,
and log inspection.
Database:
The database contains all information that Deep Security Manager needs to operate. This includes
configuration details and event log information for each individual protected host and other records
required for Deep Security Manager operation.
• In the agent-based deployment model, a Deep Security Agent is installed on every computer (or
VM), and there is no need to deploy a Deep Security Virtual Appliance.
• In the agentless deployment model, there is no need to install an agent in the virtual machines.
This functionality is provided by the Deep Security Virtual Appliance.
• Note: Agentless Deep Security deployment for virtual machines requires NSX.
Deployment Considerations
• Use the fully qualified domain name (FQDN). Define Deep Security Manager to use its FQDN,
which is resolvable by all other components.
• The Deep Security Manager must be co-located on the same network as its database, with a
connection speed of 1 GB LAN or higher. Connections over WAN are discouraged.
• Deep Security Manager relies on the database to function. Any increase in latency can have a
serious negative impact on Deep Security Manager’s performance and availability.
Ports
| Port                       | From           | Towards        | Listening Node(s) |
|----------------------------|----------------|----------------|-------------------|
| 4118 (TCP)                 | DSM            | Client Servers | Client Servers    |
| 4119 (TCP)                 | Client Servers | DSM            | DSM               |
| 4343 (TCP)                 | Client Servers | SPS            | SPS               |
| 4343 (TCP)                 | DSM            | SPS            | SPS               |
| 4120 (TCP)                 | Client Servers | DSM            | DSM               |
| 4122 (TCP)                 | Client Servers | DSM            | DSM               |
| 53 (TCP/UDP)               | DSM            | DNS            | DNS               |
| 53 (TCP/UDP)               | SPS            | DNS            | DNS               |
| 80, 443 (TCP)              | DSM            | Internet       | *.trendmicro.com  |
| 80, 443 (TCP)              | SPS            | Internet       | *.trendmicro.com  |
| 80, 443, 5274, 5275 (TCP)  | Client Servers | SPS            | SPS               |
| 80, 443, 5274, 5275 (TCP)  | DSM            | SPS            | SPS               |
Bi-directional Communication, Agent-initiated Communication, or Manager-initiated Communication
The communication between the Deep Security Manager(s) and the agents (virtual appliances) is
bi-directional by default, meaning that either side can initiate communication. If network conditions
don't allow this, the deployment can be configured for agent-initiated communication only or
manager-initiated communication only. This can be configured for an individual computer or at the
policy level.
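
The Ports table and the communication modes above can be turned into a firewall review check. The following is an added example, not Trend Micro code: it audits a constructed set of allow rules against the matrix and reports required flows that are blocked and openings the matrix does not call for. Zone names and the sample rules are hypothetical, and the mapping of 4118 to manager-initiated and 4120 to agent-initiated traffic is an assumption drawn from the table's From column.

```python
# Flows transcribed from the Ports table: (ports, protocols, from, towards).
MATRIX = [
    ((4118,), ("tcp",), "DSM", "ClientServers"),
    ((4119, 4120, 4122), ("tcp",), "ClientServers", "DSM"),
    ((4343, 80, 443, 5274, 5275), ("tcp",), "ClientServers", "SPS"),
    ((4343, 80, 443, 5274, 5275), ("tcp",), "DSM", "SPS"),
    ((53,), ("tcp", "udp"), "DSM", "DNS"),
    ((53,), ("tcp", "udp"), "SPS", "DNS"),
    ((80, 443), ("tcp",), "DSM", "Internet"),  # *.trendmicro.com
    ((80, 443), ("tcp",), "SPS", "Internet"),  # *.trendmicro.com
]

def required_flows(mode="bidirectional"):
    """Return the (src, dst, proto, port) flows needed for a communication mode."""
    flows = {(s, d, pr, p) for ports, protos, s, d in MATRIX for pr in protos for p in ports}
    # Assumption: 4118 is the manager-initiated channel, 4120 the agent-initiated one.
    if mode == "agent-initiated":
        flows.discard(("DSM", "ClientServers", "tcp", 4118))
    elif mode == "manager-initiated":
        flows.discard(("ClientServers", "DSM", "tcp", 4120))
    elif mode != "bidirectional":
        raise ValueError(f"unknown mode: {mode}")
    return flows

def audit(rules, mode="bidirectional"):
    """Compare allow rules (src, dst, proto, ports or "any") with the matrix."""
    need, allowed, excess = required_flows(mode), set(), []
    for src, dst, proto, ports in rules:
        if ports == "any":  # wildcard covers the needed ports but is too broad
            allowed |= {f for f in need if f[:3] == (src, dst, proto)}
            excess.append((src, dst, proto, "any"))
            continue
        for flow in ((src, dst, proto, p) for p in ports):
            if flow in need:
                allowed.add(flow)
            else:
                excess.append(flow)
    return sorted(need - allowed), excess

# Constructed sample ruleset; zone names are hypothetical labels.
SAMPLE_RULES = [
    ("DSM", "ClientServers", "tcp", [4118]),
    ("ClientServers", "DSM", "tcp", [4119, 4120, 4122, 22]),
    ("ClientServers", "SPS", "tcp", [80, 443, 4343, 5274, 5275]),
    ("DSM", "SPS", "tcp", "any"),
    ("DSM", "DNS", "tcp", [53]), ("DSM", "DNS", "udp", [53]), ("SPS", "DNS", "udp", [53]),
    ("DSM", "Internet", "tcp", [80, 443]), ("SPS", "Internet", "tcp", [443]),
]
print(audit(SAMPLE_RULES, mode="agent-initiated"))
```

The first list returned holds required flows that no rule allows; the second holds rule entries to tighten or remove for the chosen mode.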