Integrating TippingPoint Network Sensors with Network Intrusion Prevention

Note:
  • This feature is not available in all regions.

  • This feature is only supported by TippingPoint Security Management System (SMS) 5.5.4 or later.

  • Each Service Gateway can only connect to one TippingPoint SMS console. For customers with multiple TippingPoint SMS consoles, you must deploy additional Service Gateways.

The Service Gateway must have the required services enabled (see step 5).

Service

Description

Forward proxy

Required for the Data Sharing function between TippingPoint SMS and Trend Micro Vision One which allows users to view filter and profile distribution statuses

Log forwarding

Required for the Event and Filter Sharing function which transfers detection data from TippingPoint SMS for use by the Trend Micro Vision One Search app and widgets

Suspicious Object list synchronization

Required for the Suspicious Object function which synchronizes the centralized Trend Micro Vision One Suspicious Object List with TippingPoint SMS

TippingPoint policy management

Required for filter policy distribution and enforcement from the Network Intrusion Prevention app in Trend Micro Vision One to TippingPoint SMS devices

  1. In the Trend Micro Vision One console, go to Workflow and Automation > Service Gateway Management and click the Service Gateway Management 2.0 tab.
  2. For customers that do not have an existing Service Gateway deployed, install a Service Gateway.
    1. Click Download Virtual Appliance to open the Service Gateway Virtual Appliance panel.
    2. Select either VMwas ESXi (OVA) or Microsoft Hyper-V (VHD) as the image type you want to use.
    3. Select I agree to the End User License Agreement and click Download Disk Image.
    4. Record the Registration Token that you need to apply during deployment.
    5. Install the Service Gateway virtual appliance.

      For detailed deployment instructions, see:

      For a complete list of Service Gateway system requirements, see Service Gateway Appliance System Requirements.

  3. On the Service Gateway Management 2.0 tab, click the Service Gateway name.
  4. Click Manage Services
  5. Click the install icon ( ) to install and then enable the following services.
    • Forward proxy

    • Log forwarding

    • Suspicious Object List Synchronization

    • TippingPoint policy management

  6. Record the Service Gateway IP address and the log forwarding API key that are needed for connection settings on the TippingPoint SMS console.
    • IP address: Click the Service Gateway name and record the IPv4 address.

    • API key: Click the Manage API Key button and record the API key.

  7. For users that want to use the Device Inventory Sharing service, you must enroll TippingPoint SMS to the Product Connector.
    1. Go to Point Product Connections > Product Connector.
    2. In the Product name field, select TippingPoint Security Management System.
    3. Click the Generate an enrollment token link.
    4. Copy the enrollment token for use on the TippingPoint SMS console.
    5. Click Save.
  8. On the TippingPoint SMS console, go to Administration > Trend Micro Connections.
  9. Start configuring your connection settings.
    • For new connections, click Configure.

    • For existing connections, click Configure integration settings.

    The Trend Micro Vision One Connection Settings screen appears.

  10. For users that want to monitor TippingPoint devices in the Network Intrusion Prevention inventory, enable Data Sharing:
    1. Paste the token you obtained from the Product Inventory app in the Enrollment Token field.
    2. Enable device inventory sharing with Trend Micro Vision One by enabling the State toggle in the Network Intrusion Prevention -Data Sharing section.
    3. Click Save.
  11. Connect to the Service Gateway.
    1. Specify the IPv4 address of the Service Gateway in the Gateway IP Address field.
    2. Specify the API key you obtained in the Service Gateway Management app in the API key field.
    3. Click Test Connection to verify.
    4. Click Save.
    5. Wait until synchronization with the Service Gateway completes.
  12. Enable the necessary settings for the new Service Gateway connection.
    1. In the Trend Micro Connection Settings screen, click Configure.
    2. For customers that enabled Suspicious Object List synchronization, enable the State toggle in the Suspicious Object section.
    3. Enable log forwarding with Trend Micro Vision One by enabling the State toggle in the Event and Filter Status Sharing section.
    4. Click Save.
  13. For customers that want to check for vulnerabilities and receive policy recommendations, enable the Risk Insights data source.
    1. In the Trend Micro Vision One console, go to Risk Insights > Executive Dashboard and click Data Source.
    2. In the Trend Micro Security Services section, click TippingPoint Security Management System.
    3. Allow TippingPoint Security Management System (SMS) to act as a data source to gain more comprehensive risk insights into your network activity by enabling the Data upload permission toggle.