Getting Started With Zero Trust Secure Access

Provide a recommended procedure for setting up the Zero Trust Secure Access solution in your network environment and on the Trend Micro Vision One console.

  1. Configure the Trend Micro private access service or internet access service as needed.
    • Private access service: Go to the Private Access Configuration screen to deploy the Trend Micro private access service if you want to control access to the internal resources of your organization.

      1. Deploy a group of Private Access Connectors close to the internal apps that you want to protect.

      2. Add the internal apps that you want to enforce access control and associate each of them with a connector group in the same environment.

      3. Deploy the Secure Access Module to the endpoints that you want to manage.

        Important:

        Make sure you have configured SAML single sign-on under Administration > Single Sign-On. Trend Micro Vision One works with your SAML-based IDP vendor to authenticate your company's end users when they sign in to and use the Module.

    • Internet access service: Go to the Internet Access Configuration screen deploy the Trend Micro internet access service if you want to control access to the cloud apps and external URLs.

      1. Create a cloud Internet Access Gateway (identifying user traffic from a known location) or use the default Gateway (identifying remote user traffic from an unknown location) to analyze end users' web activity and enforce internet access control.

      2. Deploy the Secure Access Module to the endpoints that you want to manage to forward their web traffic to an appropriate Internet Access Gateway.

        Note:

        Alternatively, you can create a Proxy Auto Configuration (PAC) file on the Trend Micro Vision One console and manually deploy it to client browsers to forward web traffic from your endpoints to the Internet Access Gateway.

      3. Turn on the Internet Access Control toggle on the Internet Access Configuration screen to make the internet access service work.

  2. Go to the Secure Access Rules screen to configure rules to enforce access control by risk, identity, time, and location.

    For more information, see Secure Access Rules.

  3. Go to the Secure Access Overview screen to view the access control statistics for risk investigation and rule adjustment.
  4. Go to the Access Control History screen to view access control logs.