Connect a TippingPoint Security Management System (SMS) 6.1.0 or later to Network Security through a Service Gateway.
ImportantIntrusion Prevention Configuration currently only
supports policy enforcement on the first TippingPoint SMS connected to Trend Vision One. Support for policy enforcement on multiple
TippingPoint SMS deployments is coming soon.
|
Procedure
- Generate an API key to access the SMS Web API.
- From your SMS interface, select
Access SMS Web Services
capability enabled. and verify that the role for the selected user account has the - Select .
- Select the user account, and click Edit.
- Click Regenerate API Key to get a new API key.You can reset the API key for any reason. But when you do, from this point, the previous API key can no longer be used.
- From your SMS interface, select
- In the Trend Vision One console, go to .
Note
Connecting a TippingPoint SMS using a Service Gateway requires a Service Gateway 2.0 or later appliance. You can check the Service Gateway version in Service Gateway Management. - If you do not have a Service Gateway available for connecting your TippingPoint
SMS to Trend Vision One, you must install a
Service Gateway appliance .
Note
Multiple TippingPoint SMS deployments can connect to a single Service Gateway appliance.- Click Download Virtual Appliance to open the Service Gateway Virtual Appliance panel.
- Select either VMware ESXi (OVA) or Microsoft Hyper-V (VHDX) as the disk image type you want to use.
- Click Download Disk Image.
- Copy the Registration Token, which you will need when deploying the appliance.
- Install the Service Gateway virtual appliance.For detailed deployment instructions, see:For a complete list of Service Gateway system requirements, see Service Gateway appliance system requirements.
- Click Close.
- Configure the Service Gateway appliance for
use with a TippingPoint SMS.
- Click the name of the Service Gateway appliance.
- Click Manage Services.
- Click the install icon () to install and then
enable the following services.ServiceDescriptionForward proxyRequired for data sharing between the TippingPoint SMS and Trend Vision One, allowing users to view filter and profile distribution statusesSuspicious Object List SynchronizationRequired for the Suspicious Object Sync function, which synchronizes the centralized Trend Vision One Suspicious Object List with the TippingPoint SMS
Note
The Suspicious Object List Synchronization service is not required when connecting to a TippingPoint SMS 6.2.0 or later.
- In the Service Gateway Management app, record the Service
Gateway Management API key and the IP address of the Service Gateway
appliance.
- Click Manage API Key and record the API key, then click Close.
- Click the Service Gateway appliance name and record the IPv4 address.
- Configure a TippingPoint SMS connector in Trend Vision One.
-
For customers that have updated to the Foundation Services release, go to .
-
For customers using the legacy Trend Vision One console, go to .
Alternatively:- In the Trend Vision One console, go to .
- Select the Continue with TippingPoint deployment option.
- Click Connect a TippingPoint SMS.
- Follow the steps in the connection guide dialog for configuring a Service Gateway (if required), generating an enrollment token using the Product Instance app, and connecting your SMS to Trend Vision One using the SMS Client interface.
-
- Connect your TippingPoint SMS to Trend Vision One.
- On the TippingPoint SMS web management console, go to .
- Click Configure.
- Paste the enrollment token into the Enrollment
Token field.Using an enrollment token automatically provisions a one-year Trend Vision One certificate. The certificate automatically renews 30 days before expiration to avoid any gaps in security protection.
- Enable and configure the Service Gateway
function.
-
In the Service Gateway section, enable the State toggle.
-
In the IP Address field, enter the IP address of the Service Gateway.
-
In the API Key field, enter the Service Gateway Management API key.
-
- Enable and configure the Suspicious Object Sync function.
-
In the Suspicious Object Sync (Service Gateway Required) section, enable the State toggle.
-
In the Download Interval field, specify how often you want the Suspicious Object List to be synchronized.
-
- (Optional) If you would like to submit suspicious URL objects for
sandbox analysis, enable the Cloud Sandbox URL analysis.
-
In the Cloud Sandbox URL Analysis section, enable the State toggle.
-
In the Saved Query dropdown menu, select your desired query.
-
- Click Test Connectivity to verify that the TippingPoint SMS can connect to Trend Vision One.
- Click Save.
- Verify the connection status.
- In the Trend Vision One console:
-
For customers that have updated to the Foundation Services release, go to .
-
For customers using the legacy Trend Vision One console, go to .
-
- Check that the Connection status for TippingPoint Security Management System is green.
Devices managed by the TippingPoint SMS can be viewed in. - In the Trend Vision One console:
- To check for vulnerabilities and receive policy recommendations in Trend Vision One, enable the TippingPoint SMS as
an Attack Surface Risk Management data
source.
- In the Trend Vision One console, go to .
- Click Data sources.
- In the Trend Micro Security Services section, click TippingPoint Security Management System.
- Enable Data upload permission to allow the TippingPoint SMS to provide data for more comprehensive risk insights into your network activity.