Trend Micro Vision One enables sharing of suspicious object data with Palo Alto Panorama through a Service Gateway.
Configure sharing of suspicious object data with this integration through a Service Gateway.
At least one Service Gateway must be configured to enable integration.
For more information, see Service Gateway Inventory.
Risk level: Select the risk level of the suspicious object data to include in the shared data.
Frequency: Select the frequency at which suspicious object data is shared.
URL parameters: Select whether to remove query strings from URLs.
The Service Gateway Connection panel appears.
Select a Service Gateway.
Configure the integration server settings.
(Optional) Click Test Connection to verify if the settings are valid.
The connection configuration is added to the list.
Click the Generate Now icon () to generate suspicious object data sharing files immediately.
Hover over the Copy URL icon () to copy the suspicious object data sharing URLs to use on your integration.
The following steps were performed using version 8.0 of the PAN-OS web interface.
If you are using a different version, refer to the documentation for your version.
Name: Type a name for the list.
Type: Select Domain List or URL List.
Description: Type a description to help you identify this list.
Source: Paste the suspicious object data sharing URL that you obtained from the Trend Micro Vision One console.
Check for updates: Select the interval at which this external dynamic list checks for updates.
Trend Micro recommends matching the update interval to the suspicious object data sharing Frequency configured on Trend Micro Vision One.
(Optional) Click Test Source URL to test if the URL is accessible.
Your Palo Alto Panorama appliance is configured to retrieve suspicious object data from the Trend Micro Vision One Service Gateway.