web
You’re offline. This is a read only version of the page.
close

Online Help Center
  • Search
  • Support
    • For Home
    • For Business
  • English (US)
    • Bahasa Indonesia (Indonesian)
    • Dansk (Danish)
    • Deutsch (German)
    • English (Australia)
    • English (US)
    • Español (Spanish)
    • Français (French)
    • Français Canadien
      (Canadian French)
    • Italiano (Italian)
    • Nederlands (Dutch)
    • Norsk (Norwegian)
    • Polski (Polish)
    • Português - Brasil
      (Portuguese - Brazil)
    • Português - Portugal
      (Portuguese - Portugal)
    • Svenska (Swedish)
    • ภาษาไทย (Thai)
    • Tiếng Việt (Vietnamese)
    • Türkçe (Turkish)
    • Čeština (Czech)
    • Ελληνικά (Greek)
    • Български (Bulgarian)
    • Русский (Russian)
    • עברית (Hebrew)
    • اللغة العربية (Arabic)
    • 日本語 (Japanese)
    • 简体中文
      (Simplified Chinese)
    • 繁體中文
      (Traditional Chinese)
    • 繁體中文 HK
      (Traditional Chinese)
    • 한국어 (Korean)
This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.
Learn More Yes, I agree
Table of Contents
The page you're looking for can't be found or is under maintenance
Try again later or go to the home page
Go to home page
  • About Deep Security
    • Deep Security 20 release strategy and lifecycle policy
    • Deep Security life cycle dates
      • Deep Security LTS lifecycle dates
      • Deep Security FR life cycle dates
    • About the Deep Security components
    • About the Deep Security protection modules
  • About this release
    • What's new?
      • What's new in Deep Security Manager?
      • What's new in Deep Security Agent?
      • What's new in Deep Security Virtual Appliance?
  • Compatibility
    • System requirements
    • Agent requirements
      • Agent platform compatibility
      • Linux kernel compatibility
      • Linux file system compatibility
      • Linux systemd support
      • Linux Secure Boot support
      • SELinux support
      • Supported features by platform
    • Sizing
      • Deep Security Manager performance features
    • Port numbers, URLs, and IP addresses
  • Get Started
    • Check digital signatures on software packages
    • Deploy Deep Security Manager
      • Prepare a database
        • Database requirements
        • Install a database server
        • Configure the database
      • Run a readiness check
      • Install Deep Security Manager
      • Install Deep Security Manager silently
      • Add activation codes
      • Set up multi-tenancy
        • Set up a multi-tenant environment
        • Multi-tenant settings
      • Set up multiple nodes
        • Install Deep Security Manager on multiple nodes
        • View active Deep Security Manager nodes
    • Deploy Deep Security Relay
    • Deploy Deep Security Agent
      • Get Deep Security Agent software
      • Configure Linux Secure Boot for agents
      • Install the agent
      • Install the agent on Amazon EC2 and WorkSpaces
      • Install the agent on an AMI or WorkSpace bundle
      • Install the agent on Azure VMs
      • Install the agent on Google Cloud Platform VMs
      • Install the agent on VMware vCloud
      • Activate the agent
      • Common issues when installing or updating the agent
    • Deploy Deep Security Virtual Appliance
      • Protection for VMware environments
      • Choose agentless vs. combined mode protection
      • Before deploying the appliance
      • Configure VMware DRS
      • Deploy the appliance (NSX-T 3.x)
        • Import the appliance
        • Prepare Fabric settings
        • Add vCenter to Deep Security Manager
        • Install the appliance on NSX-T 3.x
        • Create a group for protection
        • Configure east-west security
        • Configure Endpoint Protection
        • Configure activation
        • Next steps (how to add new VMs)
      • Deploy the appliance (NSX-V)
      • Deploy the appliance in a vCloud environment
      • Automated policy management in NSX environments
      • Synchronize Deep Security policies with NSX
      • Configure DPDK mode
      • Configure NSX security tags
      • Configure the appliance OVF location
      • Deep Security Virtual Appliance memory allocation
      • Start or stop the appliance
    • Deploy Deep Security notifier
  • User Guide
    • Add computers
      • About adding computers
      • Add local network computers
      • Add Active Directory computers
      • Add AWS instances
        • About adding AWS accounts
        • Add an AWS account using a manager instance role
        • Add an AWS account using an access key
        • Add an AWS account using a cross-account role
        • Add Amazon WorkSpaces
        • Manage an AWS account
        • Manage an AWS account external ID
        • Manage AWS regions
        • Protect an account running in AWS Outposts
      • Add Azure instances
        • Create an Azure application for Deep Security
        • Add a Microsoft Azure account to Deep Security
        • Why should I upgrade to the new Azure Resource Manager connection functionality?
      • Add GCP instances
        • Create a Google Cloud Platform service account
        • Add a Google Cloud Platform account
      • Add VMWare VMs
        • Add a VMware vCenter
        • Add virtual machines hosted on VMware vCloud
        • Change IP address or FQDN of NSX Manager
        • Add an ESXi to a protected NSX cluster
      • Control CPU usage
      • Migrate to the new cloud connector functionality
      • Protect Docker containers
      • Protect OpenShift containers
    • Configure policies
      • Create policies
      • Policies, inheritance, and overrides
      • Manage and run recommendation scans
      • Detect and configure the interfaces available on a computer
      • Overview section of the computer editor
      • Overview section of the policy editor
      • Network engine settings
      • User mode solution
      • Define rules, lists, and other common objects used by policies
        • About common objects
        • Create a firewall rule
        • Configure intrusion prevention rules
        • Create an Integrity Monitoring rule
        • Define a Log Inspection rule for use in policies
        • Create a list of directories for use in policies
        • Create a list of file extensions for use in policies
        • Create a list of files for use in policies
        • Create a list of IP addresses for use in policies
        • Create a list of ports for use in policies
        • Create a list of MAC addresses for use in policies
        • Define contexts for use in policies
        • Define stateful firewall configurations
        • Define a schedule that you can apply to rules
    • Configure protection modules
      • Configure Anti-Malware
        • About Anti-Malware
        • Set up Anti-Malware
          • Enable and configure anti-malware
          • Configure malware scans and exclusions
          • Performance tips for anti-malware
          • Coexistence of Deep Security Agent with Microsoft Defender Antivirus
          • Virtual Appliance Scan Caching
        • Detect emerging threats using Predictive Machine Learning
        • Detect emerging threats using Threat Intelligence
        • Enhanced anti-malware and ransomware scanning with behavior monitoring
        • Smart Protection in Deep Security
        • Handle malware
          • View and restore identified malware
          • Configure advanced exploit exceptions
          • Increase debug logging for anti-malware in protected Linux instances
      • Configure Web Reputation
      • Configure Intrusion Prevention (IPS)
        • About Intrusion Prevention
        • Set up Intrusion Prevention
        • Configure intrusion prevention rules
        • Configure an SQL injection prevention rule
        • Application types
        • Inspect TLS traffic
        • TLS inspection support
        • Configure anti-evasion settings
        • Performance tips for intrusion prevention
      • Configure Firewall
        • About Firewall
        • Set up the Deep Security firewall
        • Create a firewall rule
        • Allow trusted traffic to bypass the firewall
        • Firewall rule actions and priorities
        • Firewall settings
        • Firewall settings with Oracle RAC
        • Define stateful firewall configurations
        • Scan for open ports
        • Container Firewall rules
      • Configure Device Control
      • Configure Integrity Monitoring
        • About Integrity Monitoring
        • Set up Integrity Monitoring
        • Create an Integrity Monitoring rule
        • Integrity Monitoring rules language
          • About the Integrity Monitoring rules language
          • DirectorySet
          • FileSet
          • GroupSet
          • InstalledSoftwareSet
          • PortSet
          • ProcessSet
          • RegistryKeySet
          • RegistryValueSet
          • ServiceSet
          • UserSet
          • WQLSet
        • Virtual Appliance Scan Caching
      • Configure Log Inspection
        • About Log Inspection
        • Set up Log Inspection
        • Define a Log Inspection rule for use in policies
      • Configure Application Control
        • About Application Control
        • Set up Application Control
        • Verify that Application Control is enabled
        • Monitor Application Control events
        • View and change Application Control rulesets
        • Application Control Trust Entities
        • Reset Application Control after too much software change
        • Use the API to create shared and global rulesets
    • Configure events and alerts
      • About Deep Security event logging
      • Log and event storage best practices
      • Anti-Malware scan failures and cancellations
      • Apply tags to identify and group events
      • Reduce the number of logged events
      • Rank events to quantify their importance
      • Forward events to a Syslog or SIEM server
        • Forward Deep Security events to a Syslog or SIEM server
        • Syslog message formats
        • Configure Red Hat Enterprise Linux to receive event logs
      • Access events with Amazon SNS
        • Set up Amazon SNS
        • SNS configuration in JSON format
        • Events in JSON format
      • Forward system events to a remote computer via SNMP
      • Configure alerts
      • Configure SMTP settings for email notifications
      • Generate reports about alerts and other activity
      • About attack reports
      • Lists of events and alerts
        • Predefined alerts
        • Agent events
        • System events
        • Application Control events
        • Anti-malware events
        • Device Control events
        • Firewall events
        • Intrusion prevention events
        • Integrity monitoring events
        • Log inspection events
        • Web reputation events
      • Troubleshoot common events, alerts, and errors
        • Why am I seeing firewall events when the firewall module is off?
        • Troubleshoot event ID 771 "Contact by Unrecognized Client"
        • Troubleshoot "Smart Protection Server disconnected" errors
        • Error: Activation Failed
        • Error: Agent version not supported
        • Error: Anti-Malware Engine Offline
        • Error: Device Control Engine Offline
        • Error: Check Status Failed
        • Error: Installation of Feature 'dpi' failed: Not available: Filter
        • Error: Integrity Monitoring Engine Offline and other errors occur after activating a virtual machine
        • Error: Interface out of sync
        • Error: Intrusion Prevention Rule Compilation Failed
        • Error: Log Inspection Rules Require Log Files
        • Error: Module installation failed (Linux)
        • Error: There are one or more application type conflicts on this computer
        • Error: Unable to connect to the cloud account
        • Error: Unable to resolve instance hostname
        • Alert: Integrity Monitoring information collection has been delayed
        • Alert: Manager Time Out of Sync
        • Alert: The memory warning threshold of Manager Node has been exceeded
        • Event: Max TCP connections
        • Warning: Anti-Malware Engine has only Basic Functions
        • Warning: Census, Good File Reputation, and Predictive Machine Learning Service Disconnected
        • Warning: Insufficient disk space
        • Warning: Reconnaissance Detected
    • Configure proxies
      • Configure proxies
      • Proxy settings
    • Configure relays
      • How relays work
      • Deploy additional relays
      • Remove relay functionality from an agent
    • Manage agents (protected computers)
      • Computer and agent statuses
      • Configure agent version control
      • Configure teamed NICs
      • Agent-manager communication
      • Configure agents that have no internet access
      • Activate and protect agents using agent-initiated activation and communication
      • Automatically upgrade agents on activation
      • Using Deep Security with iptables
      • Enable or disable agent self-protection on Windows
      • Enable or disable agent self-protection on Linux
      • Are offline agents still protected by Deep Security?
      • Automate offline computer removal with inactive agent cleanup
      • Agent settings
      • User mode solution
      • Deep Security notifier
    • Manage users
      • Add and manage users
      • Define roles for users
      • Add users who can only receive reports
      • Create an API key for a user
      • Unlock a locked out user name
      • Implement SAML single sign-on (SSO)
        • About SAML single sign-on (SSO)
        • Configure SAML single sign-on
        • Configure SAML single sign-on with Microsoft Entra ID
    • Manage the database
      • General database maintenance
      • Maintain PostgreSQL
      • Maintain Microsoft SQL Server Express
      • Migrate Microsoft SQL Server Express to Enterprise
      • Back up and restore your database
    • Navigate and customize Deep Security Manager
      • Customize the dashboard
      • Group computers dynamically with smart folders
      • Customize advanced system settings
    • Harden Deep Security
      • About Deep Security hardening
      • Protect Deep Security Manager with an agent
      • Protect Deep Security Agent
      • Replace the Deep Security Manager TLS certificate
      • Update the load balancer's certificate
      • Encrypt communication between the Deep Security Manager and the database
      • Change the Deep Security Manager database password
      • Configure HTTP security headers
      • Upgrade the Deep Security cryptographic algorithm
      • Enforce user password rules
      • Set up multi-factor authentication
      • Manage trusted certificates
      • SSL implementation and credential provisioning
      • If I have disabled the connection to the Smart Protection Network, is any other information sent to Trend Micro?
    • Upgrade Deep Security
      • About upgrades
      • Apply security updates
      • Disable emails for New Pattern Update alerts
      • Use a web server to distribute software updates
      • Upgrade Deep Security Manager
      • Upgrade Deep Security Relay
      • Upgrade Deep Security Agent
      • Upgrade Deep Security Virtual Appliance
        • Check if new appliance software is available
        • Before upgrading the appliance
        • Upgrade the appliance
      • Upgrade the database
      • Error: The installer could not establish a secure connection to the database server
      • Upgrade the NSX license for more Deep Security features
      • Migrate an agentless solution from NSX-V to NSX-T
    • Uninstall Deep Security
      • Uninstall Deep Security
      • Uninstall Deep Security from your NSX environment
    • Configure Deep Security Manager memory usage
    • Restart the Deep Security Manager
    • Check your license information
    • Upgrade Deep Security to Trend Vision One Endpoint Security - Server & Workload Protection
      • Upgrade to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate policies to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate common objects to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate cloud accounts to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate agents to Trend Vision One Endpoint Security - Server & Workload Protection
    • Migrate Deep Security to Trend Cloud One - Endpoint & Workload Security
      • Migrate to Trend Cloud One - Endpoint & Workload Security
      • Migrate policies to Trend Cloud One - Endpoint & Workload Security
      • Migrate common objects to Trend Cloud One - Endpoint & Workload Security
      • Migrate cloud accounts to Trend Cloud One - Endpoint & Workload Security
      • Migrate agents to Trend Cloud One - Endpoint & Workload Security
  • DevOps, automation, and APIs
    • About DevOps, automation, and APIs
    • Trend Micro Hybrid Cloud Security Command Line Interface (THUS)
    • Command-line basics
    • Use the Deep Security API to automate tasks
    • Schedule Deep Security to perform tasks
    • Automatically perform tasks when a computer is added or changed (event-based tasks)
    • AWS Auto Scaling and Deep Security
    • Azure virtual machine scale sets and Deep Security
    • GCP auto scaling and Deep Security
    • Use deployment scripts to add and protect computers
    • URL format for download of the agent
    • Automatically assign policies using cloud provider tags/labels
  • Trust and compliance
    • About compliance
    • Agent package integrity check
    • Meet PCI DSS requirements with Deep Security
    • Common Criteria configuration
    • GDPR
    • FIPS 140 support
    • Bypass vulnerability management scan traffic in Deep Security
    • Use TLS 1.2 with Deep Security
    • Enable TLS 1.2 strong cipher suites
    • Legal disclosures
      • Privacy and personal data collection disclosure
      • Deep Security Product Usage Data Collection
      • Legal disclaimer
  • Integrations
    • Integrate with AWS Control Tower
    • Integrate with AWS Systems Manager Distributor
    • Integrate with SAP NetWeaver
    • Integrate with Trend Vision One
      • Integrate with Trend Vision One (XDR)
      • Integrate with Trend Vision One Service Gateway
  • FAQs
    • Why does my Windows machine lose network connectivity when I turn on protection?
    • How do I get news about Deep Security?
    • How does agent protection work for Solaris zones?
    • How do I protect AWS GovCloud (US) instances?
    • How do I protect Azure Government instances?
    • How does Deep Security Agent use the Amazon Instance Metadata Service?
    • How can I minimize heartbeat alerts for offline environments in an AWS Elastic Beanstalk environment?
    • Why can't I add my Azure server using the Azure cloud connector?
    • Why can't I view all of the VMs in an Azure subscription in Deep Security?
    • Deep Security coverage of Log4j vulnerability
  • Troubleshooting
    • Offline agent
    • High CPU usage
    • Diagnose problems with agent deployment (Windows)
    • "Anti-Malware Driver Offline" status with VMware
    • Anti-Malware Windows platform update failed
    • Performance issues on an agentless virtual machine
    • Security update connectivity
    • SQL Server domain authentication problems
    • Prevent MTU-related agent communication issues across Amazon Virtual Private Clouds (VPC)
    • Create a diagnostic package
    • Increase verbose diagnostic package process memory
    • Removal of older software versions
    • Troubleshoot SELinux alerts
    • Troubleshoot Azure code signing
    • Network Engine Status (Windows OS)
  • PDFs
    • Deep Security Administration Guide
    • Deep Security Best Practice Guide
Add a Microsoft Azure account to Deep Security
Once you've installed Deep Security Manager, you can add and protect Microsoft Azure virtual machines by connecting a Microsoft Azure account to the Deep Security Manager. Virtual machines appear on the Computers page, where you can manage them like any other computer.
Topics in this section:
  • What are the benefits of adding an Azure account?
  • Configure a proxy setting for the Azure account
  • Add virtual machines from a Microsoft Azure account to Deep Security
  • Manage Azure classic virtual machines with the Azure Resource Manager connector
  • Remove an Azure account
  • Synchronize an Azure account

What are the benefits of adding an Azure account?

The benefits of adding an Azure account (through Deep Security Manager > Computers > Add Azure Account) instead of adding individual Azure virtual machines (through Deep Security Manager > Computers > Add Computer), are:
  • Changes in your Azure virtual machine inventory are automatically reflected in Deep Security Manager. For example, if you delete a number of instances in Azure, those instances disappear automatically from the manager. By contrast, if you use Computers > Add Computer, Azure instances that are deleted from Azure remain visible in the manager until they are manually deleted.
  • Virtual machines are organized into their own branch in the manager, which lets you easily see which Azure instances are protected and which are not. Without the Azure account, all your virtual machines appear at the same root level under Computers.

Configure a proxy setting for the Azure account

You can configure the Deep Security Manager to use a proxy server to access resources in Azure accounts. For details, see Connect to cloud accounts via proxy.

Add virtual machines from a Microsoft Azure account to Deep Security

Add your Microsoft Azure account to Deep Security following the instructions below.
  1. Before you begin, create an Azure app for Deep Security.
  2. In Deep Security Manager, go to Computers > Add > Add Azure Account.
    Note
    Note
    As of Deep Security Manager 12.0, 'Quick' mode is no longer available. If you used Quick mode in prior releases, there is no impact to your deployment. All new Azure Cloud accounts must use the advanced method.
  3. Enter a Display name, and then enter the following Azure access information you recorded in step 1:
    • Directory ID
    • Subscription ID
    • Application ID
    Note
    Note
    If you are upgrading from the Azure classic connector to the Azure Resource Manager connector, the Display name and the Subscription ID of the existing connector will be used.
    Note
    Note
    If you have multiple Azure subscriptions, specify only one in the Subscription ID field. You can add the rest later.
  4. Select the type of application credential that you want to use (Password or Certificate) and then provide the credential information:
    • For Password:
      • In the Application Password field, enter the client secret.
    • For Certificate:
      • Next to Certificate, click Choose File and upload the certificate.
      • Next to Private Key, click Choose File and upload the private key.
      • If the private key is protected by a password, enter it in Private Key Password (optional).
      Note
      Note
      The certificate must be in X.509 PEM text format and must be within its validity period. Binary format is not supported.
  5. Click Next.
  6. Review the summary information, and then click Finish.
  7. Repeat this procedure for each Azure subscription, specifying a different Subscription ID each time.
The Azure virtual machines will appear in the Deep Security Manager under their own branch on the Computers page.
Tip
Tip
You can right-click your Azure account name and select Synchronize Now to see the latest set of Azure VMs.
Tip
Tip
You will see all the virtual machines in the account. If you'd like to only see certain virtual machines, use smart folders to limit your results. See Group computers dynamically with smart folders for more information.
Note
Note
If you have previously added virtual machines from this Azure account, they will be moved under this account in the Computers tree.

Manage Azure classic virtual machines with the Azure Resource Manager connector

You can also manage virtual machines that were added with the Azure classic connector with the Azure Resource Manager connector, allowing you to manage both your Azure classic and Azure Resource Manager virtual machines with a single connector.
For more information, see Why should I upgrade to the new Azure Resource Manager connection functionality?
  1. On the Computers page, in the Computers tree, right-click the Azure classic portal and then click Properties.
  2. Click Enable Resource Manager connection.
  3. Click Next. Follow the corresponding procedure above.

Remove an Azure account

Removing an Azure account from the Deep Security Manager will permanently remove the account from the Deep Security database. This will not affect the Azure account. Virtual machines with Deep Security Agents will continue to be protected, but will not receive security updates. If you later import these virtual machines from the same Azure account, the Deep Security Agents will download the latest security updates at the next scheduled update.
  1. Go to the Computers page, right-click on the Microsoft Azure account in the navigation panel, and select Remove Cloud Account.
  2. Confirm that you want to remove the account.
  3. The account is removed from the Deep Security Manager.

Synchronize an Azure account

When you synchronize (sync) an Azure account, Deep Security Manager connects to the Azure API to obtain and display the latest set of Azure VMs.
To force a sync immediately:
  1. In Deep Security Manager, click Computers.
  2. On the left, right-click your Azure account and select Synchronize Now.
There is also a background sync that occurs every 10 minutes, and this interval is not configurable. If you force a sync, the background sync is unaffected and continues to occur according to its original schedule.
Was this article helpful?
Online Help Center
Support
For Home For Business
Privacy Notice
© 2025 Trend Micro Incorporated. All rights reserved.
Table of Contents
  • About Deep Security
    • Deep Security 20 release strategy and lifecycle policy
    • Deep Security life cycle dates
      • Deep Security LTS lifecycle dates
      • Deep Security FR life cycle dates
    • About the Deep Security components
    • About the Deep Security protection modules
  • About this release
    • What's new?
      • What's new in Deep Security Manager?
      • What's new in Deep Security Agent?
      • What's new in Deep Security Virtual Appliance?
  • Compatibility
    • System requirements
    • Agent requirements
      • Agent platform compatibility
      • Linux kernel compatibility
      • Linux file system compatibility
      • Linux systemd support
      • Linux Secure Boot support
      • SELinux support
      • Supported features by platform
    • Sizing
      • Deep Security Manager performance features
    • Port numbers, URLs, and IP addresses
  • Get Started
    • Check digital signatures on software packages
    • Deploy Deep Security Manager
      • Prepare a database
        • Database requirements
        • Install a database server
        • Configure the database
      • Run a readiness check
      • Install Deep Security Manager
      • Install Deep Security Manager silently
      • Add activation codes
      • Set up multi-tenancy
        • Set up a multi-tenant environment
        • Multi-tenant settings
      • Set up multiple nodes
        • Install Deep Security Manager on multiple nodes
        • View active Deep Security Manager nodes
    • Deploy Deep Security Relay
    • Deploy Deep Security Agent
      • Get Deep Security Agent software
      • Configure Linux Secure Boot for agents
      • Install the agent
      • Install the agent on Amazon EC2 and WorkSpaces
      • Install the agent on an AMI or WorkSpace bundle
      • Install the agent on Azure VMs
      • Install the agent on Google Cloud Platform VMs
      • Install the agent on VMware vCloud
      • Activate the agent
      • Common issues when installing or updating the agent
    • Deploy Deep Security Virtual Appliance
      • Protection for VMware environments
      • Choose agentless vs. combined mode protection
      • Before deploying the appliance
      • Configure VMware DRS
      • Deploy the appliance (NSX-T 3.x)
        • Import the appliance
        • Prepare Fabric settings
        • Add vCenter to Deep Security Manager
        • Install the appliance on NSX-T 3.x
        • Create a group for protection
        • Configure east-west security
        • Configure Endpoint Protection
        • Configure activation
        • Next steps (how to add new VMs)
      • Deploy the appliance (NSX-V)
      • Deploy the appliance in a vCloud environment
      • Automated policy management in NSX environments
      • Synchronize Deep Security policies with NSX
      • Configure DPDK mode
      • Configure NSX security tags
      • Configure the appliance OVF location
      • Deep Security Virtual Appliance memory allocation
      • Start or stop the appliance
    • Deploy Deep Security notifier
  • User Guide
    • Add computers
      • About adding computers
      • Add local network computers
      • Add Active Directory computers
      • Add AWS instances
        • About adding AWS accounts
        • Add an AWS account using a manager instance role
        • Add an AWS account using an access key
        • Add an AWS account using a cross-account role
        • Add Amazon WorkSpaces
        • Manage an AWS account
        • Manage an AWS account external ID
        • Manage AWS regions
        • Protect an account running in AWS Outposts
      • Add Azure instances
        • Create an Azure application for Deep Security
        • Add a Microsoft Azure account to Deep Security
        • Why should I upgrade to the new Azure Resource Manager connection functionality?
      • Add GCP instances
        • Create a Google Cloud Platform service account
        • Add a Google Cloud Platform account
      • Add VMWare VMs
        • Add a VMware vCenter
        • Add virtual machines hosted on VMware vCloud
        • Change IP address or FQDN of NSX Manager
        • Add an ESXi to a protected NSX cluster
      • Control CPU usage
      • Migrate to the new cloud connector functionality
      • Protect Docker containers
      • Protect OpenShift containers
    • Configure policies
      • Create policies
      • Policies, inheritance, and overrides
      • Manage and run recommendation scans
      • Detect and configure the interfaces available on a computer
      • Overview section of the computer editor
      • Overview section of the policy editor
      • Network engine settings
      • User mode solution
      • Define rules, lists, and other common objects used by policies
        • About common objects
        • Create a firewall rule
        • Configure intrusion prevention rules
        • Create an Integrity Monitoring rule
        • Define a Log Inspection rule for use in policies
        • Create a list of directories for use in policies
        • Create a list of file extensions for use in policies
        • Create a list of files for use in policies
        • Create a list of IP addresses for use in policies
        • Create a list of ports for use in policies
        • Create a list of MAC addresses for use in policies
        • Define contexts for use in policies
        • Define stateful firewall configurations
        • Define a schedule that you can apply to rules
    • Configure protection modules
      • Configure Anti-Malware
        • About Anti-Malware
        • Set up Anti-Malware
          • Enable and configure anti-malware
          • Configure malware scans and exclusions
          • Performance tips for anti-malware
          • Coexistence of Deep Security Agent with Microsoft Defender Antivirus
          • Virtual Appliance Scan Caching
        • Detect emerging threats using Predictive Machine Learning
        • Detect emerging threats using Threat Intelligence
        • Enhanced anti-malware and ransomware scanning with behavior monitoring
        • Smart Protection in Deep Security
        • Handle malware
          • View and restore identified malware
          • Configure advanced exploit exceptions
          • Increase debug logging for anti-malware in protected Linux instances
      • Configure Web Reputation
      • Configure Intrusion Prevention (IPS)
        • About Intrusion Prevention
        • Set up Intrusion Prevention
        • Configure intrusion prevention rules
        • Configure an SQL injection prevention rule
        • Application types
        • Inspect TLS traffic
        • TLS inspection support
        • Configure anti-evasion settings
        • Performance tips for intrusion prevention
      • Configure Firewall
        • About Firewall
        • Set up the Deep Security firewall
        • Create a firewall rule
        • Allow trusted traffic to bypass the firewall
        • Firewall rule actions and priorities
        • Firewall settings
        • Firewall settings with Oracle RAC
        • Define stateful firewall configurations
        • Scan for open ports
        • Container Firewall rules
      • Configure Device Control
      • Configure Integrity Monitoring
        • About Integrity Monitoring
        • Set up Integrity Monitoring
        • Create an Integrity Monitoring rule
        • Integrity Monitoring rules language
          • About the Integrity Monitoring rules language
          • DirectorySet
          • FileSet
          • GroupSet
          • InstalledSoftwareSet
          • PortSet
          • ProcessSet
          • RegistryKeySet
          • RegistryValueSet
          • ServiceSet
          • UserSet
          • WQLSet
        • Virtual Appliance Scan Caching
      • Configure Log Inspection
        • About Log Inspection
        • Set up Log Inspection
        • Define a Log Inspection rule for use in policies
      • Configure Application Control
        • About Application Control
        • Set up Application Control
        • Verify that Application Control is enabled
        • Monitor Application Control events
        • View and change Application Control rulesets
        • Application Control Trust Entities
        • Reset Application Control after too much software change
        • Use the API to create shared and global rulesets
    • Configure events and alerts
      • About Deep Security event logging
      • Log and event storage best practices
      • Anti-Malware scan failures and cancellations
      • Apply tags to identify and group events
      • Reduce the number of logged events
      • Rank events to quantify their importance
      • Forward events to a Syslog or SIEM server
        • Forward Deep Security events to a Syslog or SIEM server
        • Syslog message formats
        • Configure Red Hat Enterprise Linux to receive event logs
      • Access events with Amazon SNS
        • Set up Amazon SNS
        • SNS configuration in JSON format
        • Events in JSON format
      • Forward system events to a remote computer via SNMP
      • Configure alerts
      • Configure SMTP settings for email notifications
      • Generate reports about alerts and other activity
      • About attack reports
      • Lists of events and alerts
        • Predefined alerts
        • Agent events
        • System events
        • Application Control events
        • Anti-malware events
        • Device Control events
        • Firewall events
        • Intrusion prevention events
        • Integrity monitoring events
        • Log inspection events
        • Web reputation events
      • Troubleshoot common events, alerts, and errors
        • Why am I seeing firewall events when the firewall module is off?
        • Troubleshoot event ID 771 "Contact by Unrecognized Client"
        • Troubleshoot "Smart Protection Server disconnected" errors
        • Error: Activation Failed
        • Error: Agent version not supported
        • Error: Anti-Malware Engine Offline
        • Error: Device Control Engine Offline
        • Error: Check Status Failed
        • Error: Installation of Feature 'dpi' failed: Not available: Filter
        • Error: Integrity Monitoring Engine Offline and other errors occur after activating a virtual machine
        • Error: Interface out of sync
        • Error: Intrusion Prevention Rule Compilation Failed
        • Error: Log Inspection Rules Require Log Files
        • Error: Module installation failed (Linux)
        • Error: There are one or more application type conflicts on this computer
        • Error: Unable to connect to the cloud account
        • Error: Unable to resolve instance hostname
        • Alert: Integrity Monitoring information collection has been delayed
        • Alert: Manager Time Out of Sync
        • Alert: The memory warning threshold of Manager Node has been exceeded
        • Event: Max TCP connections
        • Warning: Anti-Malware Engine has only Basic Functions
        • Warning: Census, Good File Reputation, and Predictive Machine Learning Service Disconnected
        • Warning: Insufficient disk space
        • Warning: Reconnaissance Detected
    • Configure proxies
      • Configure proxies
      • Proxy settings
    • Configure relays
      • How relays work
      • Deploy additional relays
      • Remove relay functionality from an agent
    • Manage agents (protected computers)
      • Computer and agent statuses
      • Configure agent version control
      • Configure teamed NICs
      • Agent-manager communication
      • Configure agents that have no internet access
      • Activate and protect agents using agent-initiated activation and communication
      • Automatically upgrade agents on activation
      • Using Deep Security with iptables
      • Enable or disable agent self-protection on Windows
      • Enable or disable agent self-protection on Linux
      • Are offline agents still protected by Deep Security?
      • Automate offline computer removal with inactive agent cleanup
      • Agent settings
      • User mode solution
      • Deep Security notifier
    • Manage users
      • Add and manage users
      • Define roles for users
      • Add users who can only receive reports
      • Create an API key for a user
      • Unlock a locked out user name
      • Implement SAML single sign-on (SSO)
        • About SAML single sign-on (SSO)
        • Configure SAML single sign-on
        • Configure SAML single sign-on with Microsoft Entra ID
    • Manage the database
      • General database maintenance
      • Maintain PostgreSQL
      • Maintain Microsoft SQL Server Express
      • Migrate Microsoft SQL Server Express to Enterprise
      • Back up and restore your database
    • Navigate and customize Deep Security Manager
      • Customize the dashboard
      • Group computers dynamically with smart folders
      • Customize advanced system settings
    • Harden Deep Security
      • About Deep Security hardening
      • Protect Deep Security Manager with an agent
      • Protect Deep Security Agent
      • Replace the Deep Security Manager TLS certificate
      • Update the load balancer's certificate
      • Encrypt communication between the Deep Security Manager and the database
      • Change the Deep Security Manager database password
      • Configure HTTP security headers
      • Upgrade the Deep Security cryptographic algorithm
      • Enforce user password rules
      • Set up multi-factor authentication
      • Manage trusted certificates
      • SSL implementation and credential provisioning
      • If I have disabled the connection to the Smart Protection Network, is any other information sent to Trend Micro?
    • Upgrade Deep Security
      • About upgrades
      • Apply security updates
      • Disable emails for New Pattern Update alerts
      • Use a web server to distribute software updates
      • Upgrade Deep Security Manager
      • Upgrade Deep Security Relay
      • Upgrade Deep Security Agent
      • Upgrade Deep Security Virtual Appliance
        • Check if new appliance software is available
        • Before upgrading the appliance
        • Upgrade the appliance
      • Upgrade the database
      • Error: The installer could not establish a secure connection to the database server
      • Upgrade the NSX license for more Deep Security features
      • Migrate an agentless solution from NSX-V to NSX-T
    • Uninstall Deep Security
      • Uninstall Deep Security
      • Uninstall Deep Security from your NSX environment
    • Configure Deep Security Manager memory usage
    • Restart the Deep Security Manager
    • Check your license information
    • Upgrade Deep Security to Trend Vision One Endpoint Security - Server & Workload Protection
      • Upgrade to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate policies to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate common objects to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate cloud accounts to Trend Vision One Endpoint Security - Server & Workload Protection
      • Migrate agents to Trend Vision One Endpoint Security - Server & Workload Protection
    • Migrate Deep Security to Trend Cloud One - Endpoint & Workload Security
      • Migrate to Trend Cloud One - Endpoint & Workload Security
      • Migrate policies to Trend Cloud One - Endpoint & Workload Security
      • Migrate common objects to Trend Cloud One - Endpoint & Workload Security
      • Migrate cloud accounts to Trend Cloud One - Endpoint & Workload Security
      • Migrate agents to Trend Cloud One - Endpoint & Workload Security
  • DevOps, automation, and APIs
    • About DevOps, automation, and APIs
    • Trend Micro Hybrid Cloud Security Command Line Interface (THUS)
    • Command-line basics
    • Use the Deep Security API to automate tasks
    • Schedule Deep Security to perform tasks
    • Automatically perform tasks when a computer is added or changed (event-based tasks)
    • AWS Auto Scaling and Deep Security
    • Azure virtual machine scale sets and Deep Security
    • GCP auto scaling and Deep Security
    • Use deployment scripts to add and protect computers
    • URL format for download of the agent
    • Automatically assign policies using cloud provider tags/labels
  • Trust and compliance
    • About compliance
    • Agent package integrity check
    • Meet PCI DSS requirements with Deep Security
    • Common Criteria configuration
    • GDPR
    • FIPS 140 support
    • Bypass vulnerability management scan traffic in Deep Security
    • Use TLS 1.2 with Deep Security
    • Enable TLS 1.2 strong cipher suites
    • Legal disclosures
      • Privacy and personal data collection disclosure
      • Deep Security Product Usage Data Collection
      • Legal disclaimer
  • Integrations
    • Integrate with AWS Control Tower
    • Integrate with AWS Systems Manager Distributor
    • Integrate with SAP NetWeaver
    • Integrate with Trend Vision One
      • Integrate with Trend Vision One (XDR)
      • Integrate with Trend Vision One Service Gateway
  • FAQs
    • Why does my Windows machine lose network connectivity when I turn on protection?
    • How do I get news about Deep Security?
    • How does agent protection work for Solaris zones?
    • How do I protect AWS GovCloud (US) instances?
    • How do I protect Azure Government instances?
    • How does Deep Security Agent use the Amazon Instance Metadata Service?
    • How can I minimize heartbeat alerts for offline environments in an AWS Elastic Beanstalk environment?
    • Why can't I add my Azure server using the Azure cloud connector?
    • Why can't I view all of the VMs in an Azure subscription in Deep Security?
    • Deep Security coverage of Log4j vulnerability
  • Troubleshooting
    • Offline agent
    • High CPU usage
    • Diagnose problems with agent deployment (Windows)
    • "Anti-Malware Driver Offline" status with VMware
    • Anti-Malware Windows platform update failed
    • Performance issues on an agentless virtual machine
    • Security update connectivity
    • SQL Server domain authentication problems
    • Prevent MTU-related agent communication issues across Amazon Virtual Private Clouds (VPC)
    • Create a diagnostic package
    • Increase verbose diagnostic package process memory
    • Removal of older software versions
    • Troubleshoot SELinux alerts
    • Troubleshoot Azure code signing
    • Network Engine Status (Windows OS)
  • PDFs
    • Deep Security Administration Guide
    • Deep Security Best Practice Guide
Close