Views:
Cloud App Security integrates with Trend Micro Apex Central and supports Control Manager 6.0 Service Pack 3 Patch 1 or later.
The following features and capabilities are available on the Apex Central console if Cloud App Security is managed from Apex Central:
  • Use Single Sign-On (SSO) to access the Cloud App Security management console.
  • Add Cloud App Security data to the Data Loss Prevention and Threat Detection dashboard tabs.
  • Check the current Cloud App Security connection status.
  • Query or display logs submitted by Cloud App Security.
    Note
    Note
    • In Control Manager 6.0 SP3 Patch 1, Cloud App Security submits only Malware Scanning logs to Apex Central.
    • From Control Manager 6.0 SP3 Patch 2, Cloud App Security submits Malware Scanning, File Blocking, Web Reputation, Virtual Analyzer, Ransomware, and Data Loss Prevention logs to Apex Central.

About Trend Micro Apex Central

Trend Micro Apex Central is a central management console that manages Trend Micro products and services at the gateway, mail server, file server, and corporate desktop levels. Administrators can use the policy management feature to configure and deploy product settings to managed products and endpoints. The Apex Central web-based management console provides a single monitoring point for antivirus and content security products and services throughout the network.
Apex Central enables system administrators to monitor and report on activities such as infections, security violations, or virus/malware entry points. System administrators can download and deploy update components throughout the network, helping ensure that protection is consistent and up to date. Example update components include virus pattern files, scan engines, and anti-spam rules. Apex Central allows both manual and pre-scheduled updates. Apex Central allows the configuration and administration of products as groups or as individuals for added flexibility.

Registering Cloud App Security

Make sure you have a Customer Licensing Portal (CLP) or Licensing Management Platform (LMP) account, and both Cloud App Security and Control Manager are activated and available for use.

Procedure

  1. In Apex Central, go to AdministrationManaged ServersServer Registration.
  2. Under Server Type, select Cloud App Security.
  3. Click Cloud Service Settings.
  4. Type the LMP logon URL, for example, https://clp.trendmicro.com/Dashboard?T=<tenant-id>, if you are using an LMP account. tenant-id is your company's Tenant ID. You can confirm the URL from the registration email message you received.
    Note
    Note
    CLP users do not need to type the CLP logon URL.
  5. Specify your LMP or CLP account credentials and click OK.
    The Cloud App Security server appears in the Managed Servers list.

Managing Cloud App Security

Procedure

  1. In Apex Central, perform either of the following to open the Directory Management page:
    • Go to AdministrationManaged ServersServer Registration, and then click Directory Management.
    • Go to DirectoriesProducts, and then click Directory Management.
  2. In the product tree, click Local FolderNew Entity, and then locate and select the Cloud App Security entity.
  3. Manage the Cloud App Security entity as necessary.

Configuring Single Sign-On

Procedure

  1. In Apex Central, go to AdministrationManaged ServersServer Registration.
  2. Under Server Type, select Cloud App Security.
  3. Under Server, click the server address.
    The Dashboard screen of the Cloud App Security management console opens in a new browser tab.

Checking Cloud App Security Server Status

Procedure

  1. In Apex Central, go to Dashboard.
  2. Click the Summary tab.
  3. Scroll down and find the Product Connection Status widget.
    You can check the status of any Cloud App Security server registered with Apex Central.

Querying Cloud App Security Logs

Cloud App Security Malware Scanning, File blocking, Web Reputation, Virtual Analyzer, and Data Loss Prevention logs are available in Apex Central.

Procedure

  1. In Apex Central, go to LogsLog Query.
    The Log Query screen appears.
  2. Click the Virus/Malware detections drop-down list, select the type of logs to query, and then click OK.
    For more information, see Log Query Data Views in the "Trend Micro Control Manager Online Help".
  3. In the product tree, click Local FolderNew Entity, select the Cloud App Security entity, and then click OK.
  4. Select a date range and click Search.
    The log query result screen appears, showing the query results.

Viewing Data Loss Prevention Policy Violating Data

Cloud App Security transfers the content that violates Data Loss Prevention policies to Control Manager and displays it on Apex Central dashboard.
Note
Note
To view the violating content, make sure you have installed Control Manager 7.0 Patch 1 with hot fix 3004 or later.

Procedure

  1. Go to DashboardDLP Incident Investigation.
  2. Click a number in the DLP Incidents by Severity and Status or DLP Incidents by User widget.
    The Incident Information screen appears.
  3. Click Action at the end of an incident row.
    The Incident Details screen appears, where the violating content is displayed under Matching content, with sensitive data masked or unmasked as configured in the corresponding Cloud App Security Data Loss Prevention policies.