|
|
|
|
|
|
Rule Type
|
Description
|
Applicable to the Boot Device?
|
Example
|
Multiple Conditions?
|
Condition Data Type
|
|---|---|---|---|---|---|
|
Key Request Date
|
Date when the key request was received
|
Yes
|
01/21/2011
|
Yes
|
Date
|
|
Request Source IP Address (IPv4)
|
IPv4 address from which the key request originated
|
Yes
|
|
Yes
|
String
|
|
Request Source IP Address (IPv6)
|
IPv6 address from which the key request originated
|
Yes
|
|
Yes
|
String
|
|
First Seen
|
Date when SecureCloud first
processed any data related to a machine. Based on this time stamp, SecureCloud can determine if the time
period has lapsed to grant the agent encryption keys.
|
No
|
01/21/2012 |
Yes
|
Date
|
|
User Data
|
Data packet provided to the machine at start up
|
No
|
DataKey=MySecretKey
|
Yes
|
String
|
|
Zone/Region
|
Location of the server farm running the machine
|
No
|
Us-east-1c
|
Yes
|
String
|
|
OSSEC Version
|
The version of OSSEC that is present on the machine
|
No
|
2.5.1 |
Yes
|
String
|
|
Trend Micro Software
|
The Trend Micro security software installed on the machine
|
No
|
OfficeScan
|
No
|
String
|
|
Trend Micro Virus Scan Engine Version
|
The version of the Trend Micro virus scan
engine available on the machine
|
No
|
9.500.1008 |
No
|
String
|
|
Trend Micro Virus Scan Pattern Version
|
The version of the Trend Micro virus scan
pattern file on the machine
|
No
|
9.297.00 |
No
|
String
|
|
Guest OS Information
|
Operating system and architecture used by the machine to run the SecureCloud Agent
|
No
|
|
Yes
|
String
|
|
Deep Security Status
|
The status of the key-requesting environment as determined by the Deep Security Management
(DSM)
|
No
|
|
Yes
|
String
|
|
Network Services
|
Listening ports on the machine running the SecureCloud Agent—both TCP and UDP ports are included
|
No
|
|
Yes
|
Number
|