Table of contents
Topics on this page

Integrate with Smart Protection Server

If you want your agents to be able to use the Trend Micro Smart Protection Network, then you must allow them to connect to the Internet on required port numbers. If a direct connection is not possible, or if you have many agents and want to reduce bandwidth usage on your Internet connection, you can deploy your own Smart Protection Server (SPS) within your Virtual Private Network (VPC) in AWS, or another local VPC. The Smart Protection Server connects to the Trend Micro Smart Protection Network to retrieve the latest anti-malware, file reputation, and web reputation information and then pass it to your agents.

To deploy a Smart Protection Server, you can do one of the following:

To deploy the Smart Protection Server using the CloudFormation template:

  1. In AWS, at the top, click Services and search for the CloudFormation service.
  2. On the CloudFormation service page, click Create Stack. The Select Template page appears.

    Select Template window

  3. Select Specify an Amazon S3 template URL and enter this URL into the underlying field: https://s3.amazonaws.com/trend-micro-quick-start/latest/templates/common/sps.template

  4. Click Next.

    Finish entering settings in the template. Choose the AWS key pairs you would like to use to authenticate to the server, the VPC and subnet where the Smart Protection Server will reside, and an administrator password. The password cannot contain special characters such as: !@#$%^&*().

    Do not enter a password that contains dictionary words. It should be at least 8 characters in length. Failure to do this results in a weak password that is vulnerable to guessing and brute force attacks, and could compromise the security of your network.

    Specify Details window

  5. Click Next.

  6. Optionally, create any tags that you would like to associate with this server, then click Next.

    Tags section

  7. Review your settings, and then click Create.

    Review page

    While your server is being installed, the screen will indicate progress. To verify that the process has completed, you may need to click Refresh at the top of the screen.

    Stack with CREATE_IN_PROGRESS status

    Stack with CREATE_COMPLETE status

  8. Click the Outputs tab at the bottom of the screen. There are three URLS. In the Workload Security console, you must configure your computers to use the Smart Protection Server.

  9. Log in to the Workload Security console.
  10. At either the policy level (recommended) or at the computer level, go to the Anti-Malware section.
  11. Click the Smart Protection tab at the top. Toward the bottom of the screen, deselect Inherited under Smart Protection Server for File Reputation Service.
  12. Select Use locally installed Smart Protection Server.
  13. Enter in the URL from the Outputs screen in your AWS console labeled FRSurl and click Add.
  14. Click Save.
  15. Open the web reputation section of the policy or computer and click the Smart Protection tab at the top.
  16. Deselect Inherited under Smart Protection Server for Web Reputation Service.
  17. Select Use locally installed Smart Protection Server.
  18. Add the URL from the Outputs screen in your AWS console labeled WRSurl or WRSHTTPSurl and click Add. You can use the HTTP or HTTPS URL, but HTTPS is only supported with agent version 11.0 or later.
  19. Click Save.
  20. If you did not configure Workload Security to automatically send policies, then manually send the policy.