Solved

Trend Micro Deep Security IPS mailing list & docs

Posted on 2014-02-06
3
453 Views
Last Modified: 2014-02-24
Just been tasked to review Trend Micro Deep Security
IPS (Intrusion Protection/Prevention System?) events
 / logs for non-legitimate cases.

Appreciate if anyone can point me to
a) mailing lists that actively discuss this
b) any links out there that has documentation on this
0
Comment
Question by:sunhux
  • 2
3 Comments
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
Tm has a knowledgebase and forum, the search in those can be useful

http://esupport.trendmicro.com/en-us/business/fastsearch.aspx?q=log%20analysis&p=Deep%20Security&t=7

you can also create support case for assistance to intepret specific log or they can share more insight
http://esupport.trendmicro.com/srf/srfmain.aspx

if I will see any of the DP manual they will have section on the log analysis and rule description e.g. in PDF (can be old but can grab latest one from kb) see Options for Log Inspection Rules and Creating Custom Log Inspection Rules in the Reference section

http://docs.trendmicro.com/all/ent/dsm/v7.5/en-us/dsm_7.5_sp1_ug.pdf

for http decoding can catch
http://esupport.trendmicro.com/solution/en-us/1098016.aspx

in case you needed some wp for quick summary (can see "LOG INSPECTION")
http://www.trendmicro.com/cloud-content/us/pdfs/business/white-papers/wp_protecting-the-dynamic-datacenter.pdf
0
 

Author Comment

by:sunhux
Comment Utility
Think the 1st link doesn't load:
http://esupport.trendmicro.com/en-us/business/fastsearch.aspx?q=log%20analysis&p=Deep%20Security&t=7

Do you have the correct link for the above?
0
 
LVL 61

Assisted Solution

by:btan
btan earned 500 total points
Comment Utility
As I mentioned you can use the kb search and if you clickt hat first link, you will see that log analysis in the keyword and deep security as the product category.  The list can gove you an overall summary and probably hit the needed. Pls do see if it helps.  Try using the supporting online for more leverage
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now