Add cloud accounts and appliances

Before you can deploy protection on the Network Security management interface, first add a cloud account to allow Network Security to gain access to your cloud account information.

The Get Started wizard walks you through adding a cloud account, deploying protection, and any next steps you should take to protect your network environment. Navigate to Home → Get Started to launch the wizard.

If you have already walked through the Get Started wizard previously, you can also navigate to Network → Accounts and click Add Account to add any additional Cloud Accounts.

Deploy Protection

It is a good best practice to complete the Deploy Protection checklist before deploying protection to your environment. If you have already walked through the Get Started wizard previously, you can also navigate to Network → Appliances and click the Deploy new protection button to deploy a new virtual appliance.

After you add a virtual appliance, you can view the information for that appliance, like the instance ID, platform, region, and virtual network, in Network → Appliances.

Appliances on the appliances page are organized by their scaling group.

From the Appliances page, select a scale group or appliance and click Configure to make changes to appliances, including setting the inspection state to Enabled or Disabled or distributing policies. Changes to appliances in a scale group are applied to all of the appliances within that group. You can also make changes to an individual appliance that does not belong to a scale group.


The Deploy new protection button is disabled while you have a scale group or an appliance selected. Unselect the scale group or appliance radio button to reenable the Deploy protection button.

You can also manually deploy an appliance by following the steps in Network Security in AWS or Network Security in Azure.


You can add up to four virtual appliances to the Network Security management interface. After you have reached this limit, contact Cloud One support to increase the number of virtual appliances that you can add.

Manually add an AWS virtual appliance

To manually register an AWS appliance, first SSH to the appliance, and then enter the following register command:

cloudone register <api-key>

Generate an API key

If you do not have an API key, create a Trend Micro Cloud One API key to authenticate API calls; see the API key help.

If you created your account before August 4th, 2021, follow these steps to generate an API key through Workload Security.

  1. Navigate to the Workload Security API Keys page.
  2. Click New.
  3. Enter a name and description and make sure to select Full Access for the role.
  4. Click Next, and save the key value to enter when you deploy protection.

To verify that the virtual appliance was successfully registered, use the show cloudone command or check the virtual appliance system log.