web
You’re offline. This is a read only version of the page.
close

Online Help Center
  • Search
  • Support
    • For Home
    • For Business
  • English (US)
    • Bahasa Indonesia (Indonesian)
    • Dansk (Danish)
    • Deutsch (German)
    • English (Australia)
    • English (US)
    • Español (Spanish)
    • Français (French)
    • Français Canadien
      (Canadian French)
    • Italiano (Italian)
    • Nederlands (Dutch)
    • Norsk (Norwegian)
    • Polski (Polish)
    • Português - Brasil
      (Portuguese - Brazil)
    • Português - Portugal
      (Portuguese - Portugal)
    • Svenska (Swedish)
    • ภาษาไทย (Thai)
    • Tiếng Việt (Vietnamese)
    • Türkçe (Turkish)
    • Čeština (Czech)
    • Ελληνικά (Greek)
    • Български (Bulgarian)
    • Русский (Russian)
    • עברית (Hebrew)
    • اللغة العربية (Arabic)
    • 日本語 (Japanese)
    • 简体中文
      (Simplified Chinese)
    • 繁體中文
      (Traditional Chinese)
    • 繁體中文 HK
      (Traditional Chinese)
    • 한국어 (Korean)
This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.
Learn More Yes, I agree
Table of Contents
The page you're looking for can't be found or is under maintenance
Try again later or go to the home page
Go to home page
  • About Deep Security
    • Deep Security 20 release strategy and lifecycle policy
    • Deep Security life cycle dates
      • Deep Security LTS lifecycle dates
      • Deep Security FR life cycle dates
    • About the Deep Security components
    • About the Deep Security protection modules
  • About this release
    • What's new?
      • What's new in Deep Security Manager?
      • What's new in Deep Security Agent?
      • What's new in Deep Security Virtual Appliance?
  • Compatibility
    • System requirements
    • Agent requirements
      • Agent platform compatibility
      • Linux kernel compatibility
      • Linux file system compatibility
      • Linux systemd support
      • Linux Secure Boot support
      • SELinux support
      • Supported features by platform
    • Sizing
      • Deep Security Manager performance features
    • Port numbers, URLs, and IP addresses
  • Get Started
    • Check digital signatures on software packages
    • Deploy Deep Security Manager
      • Prepare a database
        • Database requirements
        • Install a database server
        • Configure the database
      • Run a readiness check
      • Install Deep Security Manager
      • Install Deep Security Manager silently
      • Add activation codes
      • Set up multi-tenancy
        • Set up a multi-tenant environment
        • Multi-tenant settings
      • Set up multiple nodes
        • Install Deep Security Manager on multiple nodes
        • View active Deep Security Manager nodes
    • Deploy Deep Security Relay
    • Deploy Deep Security Agent
      • Get Deep Security Agent software
      • Configure Linux Secure Boot for agents
      • Install the agent
      • Install the agent on Amazon EC2 and WorkSpaces
      • Install the agent on an AMI or WorkSpace bundle
      • Install the agent on Azure VMs
      • Install the agent on Google Cloud Platform VMs
      • Install the agent on VMware vCloud
      • Activate the agent
      • Common issues when installing or updating the agent
    • Deploy Deep Security Virtual Appliance
      • Protection for VMware environments
      • Choose agentless vs. combined mode protection
      • Before deploying the appliance
      • Configure VMware DRS
      • Deploy the appliance (NSX-T 3.x)
        • Import the appliance
        • Prepare Fabric settings
        • Add vCenter to Deep Security Manager
        • Install the appliance on NSX-T 3.x
        • Create a group for protection
        • Configure east-west security
        • Configure Endpoint Protection
        • Configure activation
        • Next steps (how to add new VMs)
      • Deploy the appliance (NSX-V)
      • Deploy the appliance in a vCloud environment
      • Automated policy management in NSX environments
      • Synchronize Deep Security policies with NSX
      • Configure DPDK mode
      • Configure NSX security tags
      • Configure the appliance OVF location
      • Deep Security Virtual Appliance memory allocation
      • Start or stop the appliance
    • Deploy Deep Security notifier
  • User Guide
    • Add computers
      • About adding computers
      • Add local network computers
      • Add Active Directory computers
      • Add AWS instances
        • About adding AWS accounts
        • Add an AWS account using a manager instance role
        • Add an AWS account using an access key
        • Add an AWS account using a cross-account role
        • Add Amazon WorkSpaces
        • Manage an AWS account
        • Manage an AWS account external ID
        • Manage AWS regions
        • Protect an account running in AWS Outposts
      • Add Azure instances
        • Create an Azure application for Deep Security
        • Add a Microsoft Azure account to Deep Security
        • Why should I upgrade to the new Azure Resource Manager connection functionality?
      • Add GCP instances
        • Create a Google Cloud Platform service account
        • Add a Google Cloud Platform account
      • Add VMWare VMs
        • Add a VMware vCenter
        • Add virtual machines hosted on VMware vCloud
        • Change IP address or FQDN of NSX Manager
        • Add an ESXi to a protected NSX cluster
      • Control CPU usage
      • Migrate to the new cloud connector functionality
      • Protect Docker containers
      • Protect OpenShift containers
    • Configure policies
      • Create policies
      • Policies, inheritance, and overrides
      • Manage and run recommendation scans
      • Detect and configure the interfaces available on a computer
      • Overview section of the computer editor
      • Overview section of the policy editor
      • Network engine settings
      • User mode solution
      • Define rules, lists, and other common objects used by policies
        • About common objects
        • Create a firewall rule
        • Configure intrusion prevention rules
        • Create an Integrity Monitoring rule
        • Define a Log Inspection rule for use in policies
        • Create a list of directories for use in policies
        • Create a list of file extensions for use in policies
        • Create a list of files for use in policies
        • Create a list of IP addresses for use in policies
        • Create a list of ports for use in policies
        • Create a list of MAC addresses for use in policies
        • Define contexts for use in policies
        • Define stateful firewall configurations
        • Define a schedule that you can apply to rules
    • Configure protection modules
      • Configure Anti-Malware
        • About Anti-Malware
        • Set up Anti-Malware
          • Enable and configure anti-malware
          • Configure malware scans and exclusions
          • Performance tips for anti-malware
          • Coexistence of Deep Security Agent with Microsoft Defender Antivirus
          • Virtual Appliance Scan Caching
        • Detect emerging threats using Predictive Machine Learning
        • Detect emerging threats using Threat Intelligence
        • Enhanced anti-malware and ransomware scanning with behavior monitoring
        • Smart Protection in Deep Security
        • Handle malware
          • View and restore identified malware
          • Configure advanced exploit exceptions
          • Increase debug logging for anti-malware in protected Linux instances
      • Configure Web Reputation
      • Configure Intrusion Prevention (IPS)
        • About Intrusion Prevention
        • Set up Intrusion Prevention
        • Configure intrusion prevention rules
        • Configure an SQL injection prevention rule
        • Application types
        • Inspect TLS traffic
        • TLS inspection support
        • Configure anti-evasion settings
        • Performance tips for intrusion prevention
      • Configure Firewall
        • About Firewall
        • Set up the Deep Security firewall
        • Create a firewall rule
        • Allow trusted traffic to bypass the firewall
        • Firewall rule actions and priorities
        • Firewall settings
        • Firewall settings with Oracle RAC
        • Define stateful firewall configurations
        • Scan for open ports
        • Container Firewall rules
      • Configure Device Control
      • Configure Integrity Monitoring
        • About Integrity Monitoring
        • Set up Integrity Monitoring
        • Create an Integrity Monitoring rule
        • Integrity Monitoring rules language
          • About the Integrity Monitoring rules language
          • DirectorySet
          • FileSet
          • GroupSet
          • InstalledSoftwareSet
          • PortSet
          • ProcessSet
          • RegistryKeySet
          • RegistryValueSet
          • ServiceSet
          • UserSet
          • WQLSet
        • Virtual Appliance Scan Caching
      • Configure Log Inspection
        • About Log Inspection
        • Set up Log Inspection
        • Define a Log Inspection rule for use in policies
      • Configure Application Control
        • About Application Control
        • Set up Application Control
        • Verify that Application Control is enabled
        • Monitor Application Control events
        • View and change Application Control rulesets
        • Application Control Trust Entities
        • Reset Application Control after too much software change
        • Use the API to create shared and global rulesets
    • Configure events and alerts
      • About Deep Security event logging
      • Log and event storage best practices
      • Anti-Malware scan failures and cancellations
      • Apply tags to identify and group events
      • Reduce the number of logged events
      • Rank events to quantify their importance
      • Forward events to a Syslog or SIEM server
        • Forward Deep Security events to a Syslog or SIEM server
        • Syslog message formats
        • Configure Red Hat Enterprise Linux to receive event logs
      • Access events with Amazon SNS
        • Set up Amazon SNS
        • SNS configuration in JSON format
        • Events in JSON format
      • Forward system events to a remote computer via SNMP
      • Configure alerts
      • Configure SMTP settings for email notifications
      • Generate reports about alerts and other activity
      • About attack reports
      • Lists of events and alerts
        • Predefined alerts
        • Agent events
        • System events
        • Application Control events
        • Anti-malware events
        • Device Control events
        • Firewall events
        • Intrusion prevention events
        • Integrity monitoring events
        • Log inspection events
        • Web reputation events
      • Troubleshoot common events, alerts, and errors
        • Why am I seeing firewall events when the firewall module is off?
        • Troubleshoot event ID 771 "Contact by Unrecognized Client"
        • Troubleshoot "Smart Protection Server disconnected" errors
        • Error: Activation Failed
        • Error: Agent version not supported
        • Error: Anti-Malware Engine Offline
        • Error: Device Control Engine Offline
        • Error: Check Status Failed
        • Error: Installation of Feature 'dpi' failed: Not available: Filter
        • Error: Integrity Monitoring Engine Offline and other errors occur after activating a virtual machine
        • Error: Interface out of sync
        • Error: Intrusion Prevention Rule Compilation Failed
        • Error: Log Inspection Rules Require Log Files
        • Error: Module installation failed (Linux)
        • Error: There are one or more application type conflicts on this computer
        • Error: Unable to connect to the cloud account
        • Error: Unable to resolve instance hostname
        • Alert: Integrity Monitoring information collection has been delayed
        • Alert: Manager Time Out of Sync
        • Alert: The memory warning threshold of Manager Node has been exceeded
        • Event: Max TCP connections
        • Warning: Anti-Malware Engine has only Basic Functions
        • Warning: Census, Good File Reputation, and Predictive Machine Learning Service Disconnected
        • Warning: Insufficient disk space
        • Warning: Reconnaissance Detected
    • Configure proxies
      • Configure proxies
      • Proxy settings
    • Configure relays
      • How relays work
      • Deploy additional relays
      • Remove relay functionality from an agent
    • Manage agents (protected computers)
      • Computer and agent statuses
      • Configure agent version control
      • Configure teamed NICs
      • Agent-manager communication
      • Configure agents that have no internet access
      • Activate and protect agents using agent-initiated activation and communication
      • Automatically upgrade agents on activation
      • Using Deep Security with iptables
      • Enable or disable agent self-protection on Windows
      • Enable or disable agent self-protection on Linux
      • Are offline agents still protected by Deep Security?
      • Automate offline computer removal with inactive agent cleanup
      • Agent settings
      • User mode solution
      • Deep Security notifier
    • Manage users
      • Add and manage users
      • Define roles for users
      • Add users who can only receive reports
      • Create an API key for a user
      • Unlock a locked out user name
      • Implement SAML single sign-on (SSO)
        • About SAML single sign-on (SSO)
        • Configure SAML single sign-on
        • Configure SAML single sign-on with Microsoft Entra ID
    • Manage the database
      • General database maintenance
      • Maintain PostgreSQL
      • Maintain Microsoft SQL Server Express
      • Migrate Microsoft SQL Server Express to Enterprise
      • Back up and restore your database
    • Navigate and customize Deep Security Manager
      • Customize the dashboard
      • Group computers dynamically with smart folders
      • Customize advanced system settings
    • Harden Deep Security
      • About Deep Security hardening
      • Protect Deep Security Manager with an agent
      • Protect Deep Security Agent
      • Replace the Deep Security Manager TLS certificate
      • Update the load balancer's certificate
      • Encrypt communication between the Deep Security Manager and the database
      • Change the Deep Security Manager database password
      • Configure HTTP security headers
      • Upgrade the Deep Security cryptographic algorithm
      • Enforce user password rules
      • Set up multi-factor authentication
      • Manage trusted certificates
      • SSL implementation and credential provisioning
      • If I have disabled the connection to the Smart Protection Network, is any other information sent to Trend Micro?
    • Upgrade Deep Security
      • About upgrades
      • Apply security updates
      • Disable emails for New Pattern Update alerts
      • Use a web server to distribute software updates
      • Upgrade Deep Security Manager
      • Upgrade Deep Security Relay
      • Upgrade Deep Security Agent
      • Upgrade Deep Security Virtual Appliance
        • Check if new appliance software is available
        • Before upgrading the appliance
        • Upgrade the appliance
      • Upgrade the database
      • Error: The installer could not establish a secure connection to the database server
      • Upgrade the NSX license for more Deep Security features
      • Migrate an agentless solution from NSX-V to NSX-T
    • Uninstall Deep Security
      • Uninstall Deep Security
      • Uninstall Deep Security from your NSX environment
    • Configure Deep Security Manager memory usage
    • Restart the Deep Security Manager
    • Check your license information
    • Upgrade Deep Security to Trend Vision One Endpoint Security - Server & Workload Protection
      • Upgrade to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate policies to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate common objects to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate cloud accounts to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate agents to Trend Vision One Endpoint Security - Server & Workload Protection
    • Migrate Deep Security to Trend Cloud One - Endpoint & Workload Security
      • Migrate to Trend Cloud One - Endpoint & Workload Security
      • Migrate policies to Trend Cloud One - Endpoint & Workload Security
      • Migrate common objects to Trend Cloud One - Endpoint & Workload Security
      • Migrate cloud accounts to Trend Cloud One - Endpoint & Workload Security
      • Migrate agents to Trend Cloud One - Endpoint & Workload Security
  • DevOps, automation, and APIs
    • About DevOps, automation, and APIs
    • Trend Micro Hybrid Cloud Security Command Line Interface (THUS)
    • Command-line basics
    • Use the Deep Security API to automate tasks
    • Schedule Deep Security to perform tasks
    • Automatically perform tasks when a computer is added or changed (event-based tasks)
    • AWS Auto Scaling and Deep Security
    • Azure virtual machine scale sets and Deep Security
    • GCP auto scaling and Deep Security
    • Use deployment scripts to add and protect computers
    • URL format for download of the agent
    • Automatically assign policies using cloud provider tags/labels
  • Trust and compliance
    • About compliance
    • Agent package integrity check
    • Meet PCI DSS requirements with Deep Security
    • Common Criteria configuration
    • GDPR
    • FIPS 140 support
    • Bypass vulnerability management scan traffic in Deep Security
    • Use TLS 1.2 with Deep Security
    • Enable TLS 1.2 strong cipher suites
    • Legal disclosures
      • Privacy and personal data collection disclosure
      • Deep Security Product Usage Data Collection
      • Legal disclaimer
  • Integrations
    • Integrate with AWS Control Tower
    • Integrate with AWS Systems Manager Distributor
    • Integrate with SAP NetWeaver
    • Integrate with Trend Vision One
      • Integrate with Trend Vision One (XDR)
      • Integrate with Trend Vision One Service Gateway
  • FAQs
    • Why does my Windows machine lose network connectivity when I turn on protection?
    • How do I get news about Deep Security?
    • How does agent protection work for Solaris zones?
    • How do I protect AWS GovCloud (US) instances?
    • How do I protect Azure Government instances?
    • How does Deep Security Agent use the Amazon Instance Metadata Service?
    • How can I minimize heartbeat alerts for offline environments in an AWS Elastic Beanstalk environment?
    • Why can't I add my Azure server using the Azure cloud connector?
    • Why can't I view all of the VMs in an Azure subscription in Deep Security?
    • Deep Security coverage of Log4j vulnerability
  • Troubleshooting
    • Offline agent
    • High CPU usage
    • Diagnose problems with agent deployment (Windows)
    • "Anti-Malware Driver Offline" status with VMware
    • Anti-Malware Windows platform update failed
    • Performance issues on an agentless virtual machine
    • Security update connectivity
    • SQL Server domain authentication problems
    • Prevent MTU-related agent communication issues across Amazon Virtual Private Clouds (VPC)
    • Create a diagnostic package
    • Increase verbose diagnostic package process memory
    • Removal of older software versions
    • Troubleshoot SELinux alerts
    • Troubleshoot Azure code signing
    • Network Engine Status (Windows OS)
  • PDFs
    • Deep Security Administration Guide
    • Deep Security Best Practice Guide
Add an AWS account using a manager instance role
Follow the instructions below to add an AWS account to Deep Security Manager using a manager instance role. Use this method if Deep Security Manager is running inside of AWS.
Note
Note
The term 'AWS Primary Account' will be used throughout this topic to describe the AWS account under which your Deep Security Manager is located.

First, log in to the AWS Primary Account

  1. Go to Amazon Web Services at https://aws.amazon.com/.
  2. Sign in using your AWS Primary Account.

Next, configure an IAM policy

  1. In the Amazon Web Services Console, go to the IAM service.
  2. In the left navigation pane, click Policies.
  3. Click Create policy.
  4. Select the JSON tab.
  5. Copy the following JSON code into the text box:
    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "cloudconnector",
            "Action": [
                "ec2:DescribeImages",
                "ec2:DescribeInstances",
                "ec2:DescribeRegions",
                "ec2:DescribeSubnets",
                "ec2:DescribeTags",
                "ec2:DescribeVpcs",
                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeSecurityGroups",
                "workspaces:DescribeWorkspaces",
                "workspaces:DescribeWorkspaceDirectories",
                "workspaces:DescribeWorkspaceBundles",
                "workspaces:DescribeTags",
                "iam:ListAccountAliases",
                "iam:GetRole",
                "iam:GetRolePolicy",
                "sts:AssumeRole"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}
    The "sts:AssumeRole" permission is required only if you plan on adding more AWS accounts to the manager (using cross account roles).
    The "iam:GetRole" and "iam:GetRolePolicy" permissions are optional, but recommended because they allow Deep Security to determine whether you have the correct policy when an update to the manager occurs that requires additional AWS permissions.
  6. Click Review policy.
  7. Give the policy a name and description. Example name: Deep_Security_Policy.
  8. Click Create policy. Your policy is now ready to use.

Next, create a manager instance role

  1. Go to the IAM service.
  2. Click Roles.
  3. Click Create role.
  4. Make sure the AWS service box is selected.
  5. Click EC2 from the list of services. More options are revealed.
  6. Click EC2 Allows EC2 instances to call AWS services on your behalf. Click Next: Permissions.
  7. Select the check box next to the IAM policy you just created. Click Next: Review.
  8. Enter a Role name and Role description. Example role name: Deep_Security_Manager_Instance_Role
  9. Click Create role.

Next, attach the manager instance role to the manager in AWS

  1. Go to the EC2 service.
  2. Click Instances on the left, and select the check box next to the EC2 instance where your Deep Security Manager is installed.
  3. Click Actions > Instance Settings > Attach/Replace IAM Role.
  4. From the IAM role drop-down list, select the manager instance role (Deep_Security_Manager_Instance_Role).
  5. Click Apply.
You have now created a manager instance role with the correct IAM policy, and attached it to the Deep Security Manager's EC2 instance.

Next, configure the manager instance role in the manager

  1. In Deep Security Manager, click Administration at the top.
  2. Click System Settings on the left.
  3. Click the Advanced tab in the main pane.
  4. Scroll to the bottom and look for the Manager AWS Identity section.
  5. Make sure Use Manager Instance Role is selected.
    Note
    Note
    If Use Manager Instance Role does not appear, make sure that you attached the role to the EC2 instance where Deep Security Manager is installed, and then Restart the Deep Security Manager . On restart, Deep Security detects the role of the manager's EC2 instance and displays the Use Manager Instance Role option.
  6. Click Save.

Finally, add the AWS Primary Account to the manager

  1. In Deep Security Manager, click Computers at the top.
  2. In the main pane, click Add > Add AWS Account.
  3. Select Use Manager Instance Role.
  4. If the AWS Primary Account includes Amazon WorkSpaces, select Include Amazon WorkSpaces to include them with your Amazon EC2 instances. By enabling the check box, you ensure that your Amazon WorkSpaces appear in the correct location in the tree structure in Deep Security Manager and are billed at the correct rate.
  5. Click Next.
Deep Security Manager uses the manager instance role that is attached to its Amazon EC2 instance to add the AWS Primary Account's EC2 and WorkSpace instances to Deep Security Manager.
You have now added the AWS Primary Account to Deep Security Manager. The Amazon EC2 instances and Amazon WorkSpaces under this AWS account are loaded.
After completing the above tasks, proceed to Install the agent on your Amazon EC2 and WorkSpace instances if you have not done so already.
Online Help Center
Support
For Home For Business
Privacy Notice
© 2025 Trend Micro Incorporated. All rights reserved.
Table of Contents
  • About Deep Security
    • Deep Security 20 release strategy and lifecycle policy
    • Deep Security life cycle dates
      • Deep Security LTS lifecycle dates
      • Deep Security FR life cycle dates
    • About the Deep Security components
    • About the Deep Security protection modules
  • About this release
    • What's new?
      • What's new in Deep Security Manager?
      • What's new in Deep Security Agent?
      • What's new in Deep Security Virtual Appliance?
  • Compatibility
    • System requirements
    • Agent requirements
      • Agent platform compatibility
      • Linux kernel compatibility
      • Linux file system compatibility
      • Linux systemd support
      • Linux Secure Boot support
      • SELinux support
      • Supported features by platform
    • Sizing
      • Deep Security Manager performance features
    • Port numbers, URLs, and IP addresses
  • Get Started
    • Check digital signatures on software packages
    • Deploy Deep Security Manager
      • Prepare a database
        • Database requirements
        • Install a database server
        • Configure the database
      • Run a readiness check
      • Install Deep Security Manager
      • Install Deep Security Manager silently
      • Add activation codes
      • Set up multi-tenancy
        • Set up a multi-tenant environment
        • Multi-tenant settings
      • Set up multiple nodes
        • Install Deep Security Manager on multiple nodes
        • View active Deep Security Manager nodes
    • Deploy Deep Security Relay
    • Deploy Deep Security Agent
      • Get Deep Security Agent software
      • Configure Linux Secure Boot for agents
      • Install the agent
      • Install the agent on Amazon EC2 and WorkSpaces
      • Install the agent on an AMI or WorkSpace bundle
      • Install the agent on Azure VMs
      • Install the agent on Google Cloud Platform VMs
      • Install the agent on VMware vCloud
      • Activate the agent
      • Common issues when installing or updating the agent
    • Deploy Deep Security Virtual Appliance
      • Protection for VMware environments
      • Choose agentless vs. combined mode protection
      • Before deploying the appliance
      • Configure VMware DRS
      • Deploy the appliance (NSX-T 3.x)
        • Import the appliance
        • Prepare Fabric settings
        • Add vCenter to Deep Security Manager
        • Install the appliance on NSX-T 3.x
        • Create a group for protection
        • Configure east-west security
        • Configure Endpoint Protection
        • Configure activation
        • Next steps (how to add new VMs)
      • Deploy the appliance (NSX-V)
      • Deploy the appliance in a vCloud environment
      • Automated policy management in NSX environments
      • Synchronize Deep Security policies with NSX
      • Configure DPDK mode
      • Configure NSX security tags
      • Configure the appliance OVF location
      • Deep Security Virtual Appliance memory allocation
      • Start or stop the appliance
    • Deploy Deep Security notifier
  • User Guide
    • Add computers
      • About adding computers
      • Add local network computers
      • Add Active Directory computers
      • Add AWS instances
        • About adding AWS accounts
        • Add an AWS account using a manager instance role
        • Add an AWS account using an access key
        • Add an AWS account using a cross-account role
        • Add Amazon WorkSpaces
        • Manage an AWS account
        • Manage an AWS account external ID
        • Manage AWS regions
        • Protect an account running in AWS Outposts
      • Add Azure instances
        • Create an Azure application for Deep Security
        • Add a Microsoft Azure account to Deep Security
        • Why should I upgrade to the new Azure Resource Manager connection functionality?
      • Add GCP instances
        • Create a Google Cloud Platform service account
        • Add a Google Cloud Platform account
      • Add VMWare VMs
        • Add a VMware vCenter
        • Add virtual machines hosted on VMware vCloud
        • Change IP address or FQDN of NSX Manager
        • Add an ESXi to a protected NSX cluster
      • Control CPU usage
      • Migrate to the new cloud connector functionality
      • Protect Docker containers
      • Protect OpenShift containers
    • Configure policies
      • Create policies
      • Policies, inheritance, and overrides
      • Manage and run recommendation scans
      • Detect and configure the interfaces available on a computer
      • Overview section of the computer editor
      • Overview section of the policy editor
      • Network engine settings
      • User mode solution
      • Define rules, lists, and other common objects used by policies
        • About common objects
        • Create a firewall rule
        • Configure intrusion prevention rules
        • Create an Integrity Monitoring rule
        • Define a Log Inspection rule for use in policies
        • Create a list of directories for use in policies
        • Create a list of file extensions for use in policies
        • Create a list of files for use in policies
        • Create a list of IP addresses for use in policies
        • Create a list of ports for use in policies
        • Create a list of MAC addresses for use in policies
        • Define contexts for use in policies
        • Define stateful firewall configurations
        • Define a schedule that you can apply to rules
    • Configure protection modules
      • Configure Anti-Malware
        • About Anti-Malware
        • Set up Anti-Malware
          • Enable and configure anti-malware
          • Configure malware scans and exclusions
          • Performance tips for anti-malware
          • Coexistence of Deep Security Agent with Microsoft Defender Antivirus
          • Virtual Appliance Scan Caching
        • Detect emerging threats using Predictive Machine Learning
        • Detect emerging threats using Threat Intelligence
        • Enhanced anti-malware and ransomware scanning with behavior monitoring
        • Smart Protection in Deep Security
        • Handle malware
          • View and restore identified malware
          • Configure advanced exploit exceptions
          • Increase debug logging for anti-malware in protected Linux instances
      • Configure Web Reputation
      • Configure Intrusion Prevention (IPS)
        • About Intrusion Prevention
        • Set up Intrusion Prevention
        • Configure intrusion prevention rules
        • Configure an SQL injection prevention rule
        • Application types
        • Inspect TLS traffic
        • TLS inspection support
        • Configure anti-evasion settings
        • Performance tips for intrusion prevention
      • Configure Firewall
        • About Firewall
        • Set up the Deep Security firewall
        • Create a firewall rule
        • Allow trusted traffic to bypass the firewall
        • Firewall rule actions and priorities
        • Firewall settings
        • Firewall settings with Oracle RAC
        • Define stateful firewall configurations
        • Scan for open ports
        • Container Firewall rules
      • Configure Device Control
      • Configure Integrity Monitoring
        • About Integrity Monitoring
        • Set up Integrity Monitoring
        • Create an Integrity Monitoring rule
        • Integrity Monitoring rules language
          • About the Integrity Monitoring rules language
          • DirectorySet
          • FileSet
          • GroupSet
          • InstalledSoftwareSet
          • PortSet
          • ProcessSet
          • RegistryKeySet
          • RegistryValueSet
          • ServiceSet
          • UserSet
          • WQLSet
        • Virtual Appliance Scan Caching
      • Configure Log Inspection
        • About Log Inspection
        • Set up Log Inspection
        • Define a Log Inspection rule for use in policies
      • Configure Application Control
        • About Application Control
        • Set up Application Control
        • Verify that Application Control is enabled
        • Monitor Application Control events
        • View and change Application Control rulesets
        • Application Control Trust Entities
        • Reset Application Control after too much software change
        • Use the API to create shared and global rulesets
    • Configure events and alerts
      • About Deep Security event logging
      • Log and event storage best practices
      • Anti-Malware scan failures and cancellations
      • Apply tags to identify and group events
      • Reduce the number of logged events
      • Rank events to quantify their importance
      • Forward events to a Syslog or SIEM server
        • Forward Deep Security events to a Syslog or SIEM server
        • Syslog message formats
        • Configure Red Hat Enterprise Linux to receive event logs
      • Access events with Amazon SNS
        • Set up Amazon SNS
        • SNS configuration in JSON format
        • Events in JSON format
      • Forward system events to a remote computer via SNMP
      • Configure alerts
      • Configure SMTP settings for email notifications
      • Generate reports about alerts and other activity
      • About attack reports
      • Lists of events and alerts
        • Predefined alerts
        • Agent events
        • System events
        • Application Control events
        • Anti-malware events
        • Device Control events
        • Firewall events
        • Intrusion prevention events
        • Integrity monitoring events
        • Log inspection events
        • Web reputation events
      • Troubleshoot common events, alerts, and errors
        • Why am I seeing firewall events when the firewall module is off?
        • Troubleshoot event ID 771 "Contact by Unrecognized Client"
        • Troubleshoot "Smart Protection Server disconnected" errors
        • Error: Activation Failed
        • Error: Agent version not supported
        • Error: Anti-Malware Engine Offline
        • Error: Device Control Engine Offline
        • Error: Check Status Failed
        • Error: Installation of Feature 'dpi' failed: Not available: Filter
        • Error: Integrity Monitoring Engine Offline and other errors occur after activating a virtual machine
        • Error: Interface out of sync
        • Error: Intrusion Prevention Rule Compilation Failed
        • Error: Log Inspection Rules Require Log Files
        • Error: Module installation failed (Linux)
        • Error: There are one or more application type conflicts on this computer
        • Error: Unable to connect to the cloud account
        • Error: Unable to resolve instance hostname
        • Alert: Integrity Monitoring information collection has been delayed
        • Alert: Manager Time Out of Sync
        • Alert: The memory warning threshold of Manager Node has been exceeded
        • Event: Max TCP connections
        • Warning: Anti-Malware Engine has only Basic Functions
        • Warning: Census, Good File Reputation, and Predictive Machine Learning Service Disconnected
        • Warning: Insufficient disk space
        • Warning: Reconnaissance Detected
    • Configure proxies
      • Configure proxies
      • Proxy settings
    • Configure relays
      • How relays work
      • Deploy additional relays
      • Remove relay functionality from an agent
    • Manage agents (protected computers)
      • Computer and agent statuses
      • Configure agent version control
      • Configure teamed NICs
      • Agent-manager communication
      • Configure agents that have no internet access
      • Activate and protect agents using agent-initiated activation and communication
      • Automatically upgrade agents on activation
      • Using Deep Security with iptables
      • Enable or disable agent self-protection on Windows
      • Enable or disable agent self-protection on Linux
      • Are offline agents still protected by Deep Security?
      • Automate offline computer removal with inactive agent cleanup
      • Agent settings
      • User mode solution
      • Deep Security notifier
    • Manage users
      • Add and manage users
      • Define roles for users
      • Add users who can only receive reports
      • Create an API key for a user
      • Unlock a locked out user name
      • Implement SAML single sign-on (SSO)
        • About SAML single sign-on (SSO)
        • Configure SAML single sign-on
        • Configure SAML single sign-on with Microsoft Entra ID
    • Manage the database
      • General database maintenance
      • Maintain PostgreSQL
      • Maintain Microsoft SQL Server Express
      • Migrate Microsoft SQL Server Express to Enterprise
      • Back up and restore your database
    • Navigate and customize Deep Security Manager
      • Customize the dashboard
      • Group computers dynamically with smart folders
      • Customize advanced system settings
    • Harden Deep Security
      • About Deep Security hardening
      • Protect Deep Security Manager with an agent
      • Protect Deep Security Agent
      • Replace the Deep Security Manager TLS certificate
      • Update the load balancer's certificate
      • Encrypt communication between the Deep Security Manager and the database
      • Change the Deep Security Manager database password
      • Configure HTTP security headers
      • Upgrade the Deep Security cryptographic algorithm
      • Enforce user password rules
      • Set up multi-factor authentication
      • Manage trusted certificates
      • SSL implementation and credential provisioning
      • If I have disabled the connection to the Smart Protection Network, is any other information sent to Trend Micro?
    • Upgrade Deep Security
      • About upgrades
      • Apply security updates
      • Disable emails for New Pattern Update alerts
      • Use a web server to distribute software updates
      • Upgrade Deep Security Manager
      • Upgrade Deep Security Relay
      • Upgrade Deep Security Agent
      • Upgrade Deep Security Virtual Appliance
        • Check if new appliance software is available
        • Before upgrading the appliance
        • Upgrade the appliance
      • Upgrade the database
      • Error: The installer could not establish a secure connection to the database server
      • Upgrade the NSX license for more Deep Security features
      • Migrate an agentless solution from NSX-V to NSX-T
    • Uninstall Deep Security
      • Uninstall Deep Security
      • Uninstall Deep Security from your NSX environment
    • Configure Deep Security Manager memory usage
    • Restart the Deep Security Manager
    • Check your license information
    • Upgrade Deep Security to Trend Vision One Endpoint Security - Server & Workload Protection
      • Upgrade to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate policies to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate common objects to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate cloud accounts to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate agents to Trend Vision One Endpoint Security - Server & Workload Protection
    • Migrate Deep Security to Trend Cloud One - Endpoint & Workload Security
      • Migrate to Trend Cloud One - Endpoint & Workload Security
      • Migrate policies to Trend Cloud One - Endpoint & Workload Security
      • Migrate common objects to Trend Cloud One - Endpoint & Workload Security
      • Migrate cloud accounts to Trend Cloud One - Endpoint & Workload Security
      • Migrate agents to Trend Cloud One - Endpoint & Workload Security
  • DevOps, automation, and APIs
    • About DevOps, automation, and APIs
    • Trend Micro Hybrid Cloud Security Command Line Interface (THUS)
    • Command-line basics
    • Use the Deep Security API to automate tasks
    • Schedule Deep Security to perform tasks
    • Automatically perform tasks when a computer is added or changed (event-based tasks)
    • AWS Auto Scaling and Deep Security
    • Azure virtual machine scale sets and Deep Security
    • GCP auto scaling and Deep Security
    • Use deployment scripts to add and protect computers
    • URL format for download of the agent
    • Automatically assign policies using cloud provider tags/labels
  • Trust and compliance
    • About compliance
    • Agent package integrity check
    • Meet PCI DSS requirements with Deep Security
    • Common Criteria configuration
    • GDPR
    • FIPS 140 support
    • Bypass vulnerability management scan traffic in Deep Security
    • Use TLS 1.2 with Deep Security
    • Enable TLS 1.2 strong cipher suites
    • Legal disclosures
      • Privacy and personal data collection disclosure
      • Deep Security Product Usage Data Collection
      • Legal disclaimer
  • Integrations
    • Integrate with AWS Control Tower
    • Integrate with AWS Systems Manager Distributor
    • Integrate with SAP NetWeaver
    • Integrate with Trend Vision One
      • Integrate with Trend Vision One (XDR)
      • Integrate with Trend Vision One Service Gateway
  • FAQs
    • Why does my Windows machine lose network connectivity when I turn on protection?
    • How do I get news about Deep Security?
    • How does agent protection work for Solaris zones?
    • How do I protect AWS GovCloud (US) instances?
    • How do I protect Azure Government instances?
    • How does Deep Security Agent use the Amazon Instance Metadata Service?
    • How can I minimize heartbeat alerts for offline environments in an AWS Elastic Beanstalk environment?
    • Why can't I add my Azure server using the Azure cloud connector?
    • Why can't I view all of the VMs in an Azure subscription in Deep Security?
    • Deep Security coverage of Log4j vulnerability
  • Troubleshooting
    • Offline agent
    • High CPU usage
    • Diagnose problems with agent deployment (Windows)
    • "Anti-Malware Driver Offline" status with VMware
    • Anti-Malware Windows platform update failed
    • Performance issues on an agentless virtual machine
    • Security update connectivity
    • SQL Server domain authentication problems
    • Prevent MTU-related agent communication issues across Amazon Virtual Private Clouds (VPC)
    • Create a diagnostic package
    • Increase verbose diagnostic package process memory
    • Removal of older software versions
    • Troubleshoot SELinux alerts
    • Troubleshoot Azure code signing
    • Network Engine Status (Windows OS)
  • PDFs
    • Deep Security Administration Guide
    • Deep Security Best Practice Guide
Close