Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Trend Micro Deep Security IPS mailing list & docs

Posted on 2014-02-06
3
Medium Priority
?
481 Views
Last Modified: 2014-02-24
Just been tasked to review Trend Micro Deep Security
IPS (Intrusion Protection/Prevention System?) events
 / logs for non-legitimate cases.

Appreciate if anyone can point me to
a) mailing lists that actively discuss this
b) any links out there that has documentation on this
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 39840734
Tm has a knowledgebase and forum, the search in those can be useful

http://esupport.trendmicro.com/en-us/business/fastsearch.aspx?q=log%20analysis&p=Deep%20Security&t=7

you can also create support case for assistance to intepret specific log or they can share more insight
http://esupport.trendmicro.com/srf/srfmain.aspx

if I will see any of the DP manual they will have section on the log analysis and rule description e.g. in PDF (can be old but can grab latest one from kb) see Options for Log Inspection Rules and Creating Custom Log Inspection Rules in the Reference section

http://docs.trendmicro.com/all/ent/dsm/v7.5/en-us/dsm_7.5_sp1_ug.pdf

for http decoding can catch
http://esupport.trendmicro.com/solution/en-us/1098016.aspx

in case you needed some wp for quick summary (can see "LOG INSPECTION")
http://www.trendmicro.com/cloud-content/us/pdfs/business/white-papers/wp_protecting-the-dynamic-datacenter.pdf
0
 

Author Comment

by:sunhux
ID: 39844283
Think the 1st link doesn't load:
http://esupport.trendmicro.com/en-us/business/fastsearch.aspx?q=log%20analysis&p=Deep%20Security&t=7

Do you have the correct link for the above?
0
 
LVL 64

Assisted Solution

by:btan
btan earned 2000 total points
ID: 39844684
As I mentioned you can use the kb search and if you clickt hat first link, you will see that log analysis in the keyword and deep security as the product category.  The list can gove you an overall summary and probably hit the needed. Pls do see if it helps.  Try using the supporting online for more leverage
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
In this article, we’ll look at how to deploy ProxySQL.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question