Views:

Connect a TippingPoint Security Management System (SMS) 6.1.0 or later to Network Security directly over the internet or through an HTTP proxy.

Starting from TippingPoint SMS 6.1.0, connecting a TippingPoint SMS to Trend Vision One no longer requires the use of a Service Gateway. An internal service enables TippingPoint SMS to automatically establish and maintain a connection to Trend Vision One with an enrollment token. The connection can also be established through an HTTP proxy if the TippingPoint SMS does not have a direct internet connection.
Important
Important
  • Intrusion Prevention Configuration currently only supports policy enforcement on the first TippingPoint SMS connected to Trend Vision One. Support for policy enforcement on multiple TippingPoint SMS deployments is coming soon.
  • To enable the Suspicious Object Sync function on TippingPoint SMS 6.1.0, you must connect the TippingPoint SMS to Trend Vision One through a Service Gateway.

Procedure

  1. Generate an API key to access the SMS Web API.
    1. From your SMS interface, select AdminAuthentication and AuthorizationRoles and verify that the role for the selected user account has the Access SMS Web Services capability enabled.
    2. Select AdminAuthentication and AuthorizationUsers.
    3. Select the user account, and click Edit.
    4. Click Regenerate API Key to get a new API key.
      You can reset the API key for any reason. But when you do, from this point, the previous API key can no longer be used.
  2. If your TippingPoint SMS does not have a direct connection to the internet, configure an HTTP proxy.
    1. In the TippingPoint SMS client, go to AdminServer Properties and click the Network tab.
    2. In the HTTP Proxy section, select Proxy Internet Connections.
    3. Enter the IP address or hostname of the proxy server in the Proxy Server Host field.
    4. Enter the port of the proxy server in the Proxy Server Port field.
    5. If the proxy server requires authentication, select Use Proxy Authentication and provide the user name and password in the Username and Password fields, respectively.
    6. Click Apply.
  3. Configure a TippingPoint SMS connector in Trend Vision One.
    • For customers that have updated to the Foundation Services release, go to Service ManagementProduct Instance.
    • For customers using the legacy Trend Vision One console, go to Point Product ConnectionProduct Connector.
    Alternatively:
    1. In the Trend Vision One console, go to Network SecurityNetwork Inventory.
    2. Select the Continue with TippingPoint deployment option.
    3. Click Connect a TippingPoint SMS.
    4. Follow the steps in the connection guide dialog for configuring a Service Gateway (if required), generating an enrollment token using the Product Instance app, and connecting your SMS to Trend Vision One using the SMS Client interface.
  4. Connect your TippingPoint SMS to Trend Vision One.
    1. On the TippingPoint SMS web management console, go to AdministrationConnect to Trend Vision One.
    2. Click Configure.
    3. Paste the enrollment token into the Enrollment Token field.
      Using an enrollment token automatically provisions a one-year Trend Vision One certificate. The certificate automatically renews 30 days before expiration to avoid any gaps in security protection.
    4. (Optional) If you would like to submit suspicious URL objects for sandbox analysis, enable the Cloud Sandbox URL analysis.
      1. In the Cloud Sandbox URL Analysis section, enable the State toggle.
      2. In the Saved Query dropdown menu, select your desired query.
    5. Click Test Connectivity to verify that the TippingPoint SMS can connect to Trend Vision One.
    6. Click Save.
  5. Verify the connection status.
    1. In the Trend Vision One console:
      • For customers that have updated to the Foundation Services release, go to Point Product ConnectionProduct Instance.
      • For customers using the legacy Trend Vision One console, go to Point Product ConnectionProduct Connector.
    2. Check that the Connection status for TippingPoint Security Management System is green.
    Devices managed by the TippingPoint SMS can be viewed in Network SecurityNetwork Inventory.
  6. To check for vulnerabilities and receive policy recommendations in Trend Vision One, enable the TippingPoint SMS as an Attack Surface Risk Management data source.
    1. In the Trend Vision One console, go to Attack Surface Risk ManagementExecutive Dashboard.
    2. Click Data sources.
    3. In the Trend Micro Security Services section, click TippingPoint Security Management System.
    4. Enable Data upload permission to allow the TippingPoint SMS to provide data for more comprehensive risk insights into your network activity.