Views:
Trend Micro Managed Detection and Response (MDR) detects and responds to threats across email, servers, cloud workloads and networks. Deep Security can send server activity metadata and Integrity Monitoring data to the MDR server for correlation and visibility across physical, virtual, and cloud workloads. For more information about MDR, see XDR - Managed Detection and Response Service.
To enable Managed Detection and Response:
  1. Obtain the following information from your Threat Investigation Center administrator:
    • Threat Investigation Center Server URL
    • Company GUID
    • Data Source GUID
    • (Optional) Proxy server address
  2. For primary tenants in multi-tenant environments, go to Administration > System Settings > Tenants. Select Allow tenants to use Primary Tenant's Managed Detection and Response setting.
  3. Go to Deep Security Manager > Administration > Managed Detection and Response.
  4. Click Enable the MDR service and fill in the following information:
    • Server URL (for example: "https://[server]/"): The Threat Investigation Center Server URL
    • Company GUID
    • Data Source GUID
  5. If required, you can choose to use a proxy to access MDR. Select When accessing MDR server, use proxy and click Edit to specify the proxy server address provided by your Threat Investigation Center administrator.
  6. Before saving, click Test Connection to make sure the Deep Security Manager is connected to TIC. If the connection fails, double-check that all the information entered is correct. If the connection passes, click Save.