[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

About the features of server security “Trend Micro Security as a Service”

2016.09.20

table of contents

1 Main security features
2 Main features
3 summary

This is Ohara from the technical sales department.

we will introduce the functions of "Trend Micro Security as a Service" that we handle

We also

provide technical support for ``Trend Micro Deep Security as a Service'', including license fees, initial settings, and security rule addition/operation

Main security features

The features of Deep Security as a Service are as follows.

Anti-malware programs
Web reputation
firewall
Intrusion detection and prevention
change monitoring
security log monitoring

Main features

■ No need to build or operate a management server

With "Deep Security as a Service,"
Trend Micro provides a management server (DSM) in the cloud, so
there is no need to build a management server for implementation.

Users can log in to the management server provided by Trend Micro in the cloud and
easily change settings and manage logs.

This reduces the man-hours required to build a management server, and
allows you to quickly build and operate a highly secure system even when building a server in a short period of time using a public cloud.

deep security

■ Internet connection to the target server to be protected

In the case of Deep Security as a Service,
the Admin Manager is hosted by Trend Micro, so
an Internet connection is required for the Admin Manager to communicate with your protected server.

deepsecurity%ef%bc%93

■ Auto-scaling compatible

installed and preset security policies can be assigned
to cloud instances that increase or decrease with Auto-Scaling reducing the burden on operational administrators to configure settings each time.
*Additional licenses are also required when protecting temporarily increased instances using the Auto-Scaling function.

FAQ

Question : Is it possible to detect tampering with web content?
Answer : Tampering can be detected by specifying the tampering target.
*However, recovery of tampered web content is not covered.

Question : Is it possible to detect unauthorized access?
Answer : The firewall function allows you to block unauthorized communications.

Question : Is it possible to prevent communication and execution of illegal SQL statements and OS commands? (SQL injection, etc.)
Answer
It is possible to block and detect attacks for which Trend Micro has established rules for SQL commands as "exploit codes."

[Exploit code]
● A program that uses security holes to reproduce the behavior of unauthorized operations.

Question : Is it possible to detect and prevent unauthorized logins?
Answer : Brute force attacks are detectable.
It does not support attacks such as password list attacks.

[Password list attack]
● This is an attack that attempts to mechanically gain access using a legitimate account and password.

Question : Is it possible to keep logs of unauthorized access?
Answer : Firewall, IPS/IDS, and Integrity Monitoring log storage is possible.

Question : Is it possible to issue an alert for virus intrusion?
Answer : You can send a notification email to the administrator when a virus is detected.
Even if you have specified a target range using the change monitoring function, or if an unknown file is installed,
it is possible to notify you after detection.

Additionally, attacks with security holes
can be monitored, blocked, and notified using the corresponding virtual patch (signature).

Question : Is it possible to store DeepSecurity operating status logs? (Operating status monitoring and reporting function)
Answer : Information such as CPU and memory load rates
is uploaded to DSM (DeepSecurity management server) on a host-by-host basis. This information can also be exported at any time.

summary

These are the characteristics of "Deep Security as a Service".

It is recommended for users who want to increase the security of their web service servers because it is equipped with flexible functions such as automatic installation with AWS Auto-Scaling.

Also, if you want to strengthen security at the web application level,
it would be a good idea to introduce a cloud-based WAF in addition to this "Deep Security as a Service".
If you are looking for a cloud-based WAF, we recommend SecureSky Technology 's "Scutum."

If you found this article helpful , please give it a like!

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author

ohara

I started my career in the telecommunications industry as a salesperson in charge of introducing IT products such as NW services, OA equipment, and groupware for corporations.

After that, he worked as a pre-sales engineer for physical servers/hosting services and as a customer engineer for SaaS-type SFA/CRM/BtoB e-commerce at an SIer-based data center business company, before joining his current company, Beyond.

Currently, I am stationed in Shenzhen, China, the Silicon Valley of Asia, and my daily routine is to watch Chinese dramas and billbill.

Qualification: Second class bookkeeping

Points of open source monitoring tools "Zabbix" and "Nagios" [Tablet] For those who cannot run Windows 10 Anniversary Update due to insufficient space [32GB]