Trend Micro Control Manager Integration

Cloud App Security integrates with Trend Micro Control Manager and supports Control Manager 6.0 Service Pack 3 Patch 1 or later.

The following features and capabilities are available on the Control Manager console if Cloud App Security is managed from Control Manager:

  • Use Single Sign-On (SSO) to access the Cloud App Security management console.

  • Add Cloud App Security data to the Data Loss Prevention and Threat Detection dashboard tabs.

  • Check the current Cloud App Security connection status.

  • Query or display logs submitted by Cloud App Security.

    Note:

    • In Control Manager 6.0 SP3 Patch 1, Cloud App Security submits only Malware Scanning logs to Control Manager.

    • From Control Manager 6.0 SP3 Patch 2, Cloud App Security submits Malware Scanning, File Blocking, Web Reputation, Virtual Analyzer, Ransomware, and Data Loss Prevention logs to Control Manager.

Parent topic: Integration with Trend Micro Products

About Trend Micro Control Manager

Trend Micro Control Manager is a central management console that manages Trend Micro products and services at the gateway, mail server, file server, and corporate desktop levels. Administrators can use the policy management feature to configure and deploy product settings to managed products and endpoints. The Control Manager web-based management console provides a single monitoring point for antivirus and content security products and services throughout the network.

Control Manager enables system administrators to monitor and report on activities such as infections, security violations, or virus/malware entry points. System administrators can download and deploy update components throughout the network, helping ensure that protection is consistent and up to date. Example update components include virus pattern files, scan engines, and anti-spam rules. Control Manager allows both manual and pre-scheduled updates. Control Manager allows the configuration and administration of products as groups or as individuals for added flexibility.

Registering Cloud App Security

Make sure you have a Customer Licensing Portal (CLP) or Licensing Management Platform (LMP) account, and both Cloud App Security and Control Manager are activated and available for use.

  1. In Control Manager, go to Administration > Managed Servers > Server Registration.
  2. Under Server Type, select Cloud App Security.
  3. Click Cloud Service Settings.
  4. Type the LMP logon URL, for example, https://clp.trendmicro.com/Dashboard?T=<tenant-id>, if you are using an LMP account. tenant-id is your company's Tenant ID. You can confirm the URL from the registration email message you received.
    Note:

    CLP users do not need to type the CLP logon URL.

  5. Specify your LMP or CLP account credentials and click OK.

    The Cloud App Security server appears in the Managed Servers list.

Managing Cloud App Security

  1. In Control Manager, perform either of the following to open the Directory Management page:

    • Go to Administration > Managed Servers > Server Registration, and then click Directory Management.

    • Go to Directories > Products, and then click Directory Management.

  2. In the product tree, click Local Folder > New Entity, and then locate and select the Cloud App Security entity.
  3. Manage the Cloud App Security entity as necessary.

Configuring Single Sign-On

  1. In Control Manager, go to Administration > Managed Servers > Server Registration.
  2. Under Server Type, select Cloud App Security.
  3. Under Server, click the server address.

    The Dashboard screen of the Cloud App Security management console opens in a new browser tab.

Checking Cloud App Security Server Status

  1. In Control Manager, go to Dashboard.
  2. Click the Summary tab.
  3. Scroll down and find the Product Connection Status widget.

    You can check the status of any Cloud App Security server registered with Control Manager.

Querying Cloud App Security Logs

Cloud App Security Malware Scanning, File blocking, Web Reputation, Virtual Analyzer, and Data Loss Prevention logs are available in Control Manager.

  1. In Control Manager, go to Logs > Log Query.

    The Log Query screen appears.

  2. Click the Virus/Malware detections drop-down list, select the type of logs to query, and then click OK.

    For more information, see Log Query Data Views in the "Trend Micro Control Manager Online Help".

  3. In the product tree, click Local Folder > New Entity, select the Cloud App Security entity, and then click OK.
  4. Select a date range and click Search.

    The log query result screen appears, showing the query results.

Viewing Data Loss Prevention Policy Violating Data

Cloud App Security transfers the content that violates Data Loss Prevention policies to Control Manager and displays it on Control Manager dashboard.

Note:

To view the violating content, make sure you have installed Control Manager 7.0 Patch 1 with hot fix 3004 or later.

  1. Go to Dashboard > DLP Incident Investigation.
  2. Click a number in the DLP Incidents by Severity and Status or DLP Incidents by User widget.

    The Incident Information screen appears.

  3. Click Action at the end of an incident row.

    The Incident Details screen appears, where the violating content is displayed under Matching content, with sensitive data masked or unmasked as configured in the corresponding Cloud App Security Data Loss Prevention policies.