Initial System configuration

This article describes the initial basic Deep Security system configuration that is required before you can start protecting your computer resources.

To complete basic Deep Security system configuration, you will need to:

  1. Make sure you have at least one Relay-enabled Agent.
  2. Configure Deep Security's ability to retrieve updates from Trend Micro.
  3. Check that you have a Scheduled Task to perform regular updates.
  4. Set up email notification of important events.

Make sure you have at least one relay-enabled Agent

The Relay is responsible for retrieving Security Updates from Trend Micro and distributing them to your protected computers, therefore you must have at least one Relay available. See Configure relays.

The Windows (64-bit) and Linux (64-bit) versions of the Deep Security Agents have built-in Relay functionality that can be enabled from the Computer editorTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). window.

To view your Deep Security Relays, go to Administration > Updates > Relay Groups.

This will display your current Relay Groups in the Relay Groups window. Usually you will only have the single Default Relay Group.

Double-click the Default Relay Group to display its Relay Group Properties window:

In the Members area of the Relay Group Properties window you'll see the Relays that are members of the group.

If there are no computers in the Members area see Configure relays.

Configure the ability to retrieve updates from Trend Micro

Now that you've confirmed that you have a Relay, you can check that it can retrieve updates from Trend Micro.

Go to the Administration > Updates > Security and click the Check For Updates and Download button under both Pattern Updates and Rule Updates.

This will display the Download Patterns orDownload Rules Wizard, which contacts the Trend Micro Update Servers, downloads the latest Security Updates, and distributes them to your computers. If the wizard displays a success message at its completion, it means your Deep Security Relay can communicate with the update servers. If your relays can't update their components, see Configure relays.

Check that you have a scheduled task to perform regular updates

Now that you know your Relay can communicate with the Update servers, you should create a Scheduled Task that will regularly retrieve and distribute security Updates.

Go to Administration > Scheduled Tasks. You should see two default scheduled tasks: Daily Check for Security Updates and Daily Check for Software Updates:

Double-click a Scheduled Task to view its Properties window.

If you don't have a Default Check for Security Updates Scheduled Task in your list, you can create one by clicking on New on the Scheduled Task page menu bar and following the instructions in the New Scheduled Task wizard.

Set up email notification of important events

Deep Security Alerts are raised when situations occur that require special attention. Alerts can be raised due to security Events such as the detection of malware or an abnormal restart on a protected computer, or they can be system events like the Deep Security Manager running low on disk space. Deep Security can be configured to send email notifications when specific Alerts are raised.

To configure which Alerts will generate an email notification, go to the Alerts page and click Configure Alerts to display the list of Deep Security Alerts:

Double-click on an Alert to see its Properties window where you can you can set the Alert options for email notification:

Now you need to configure your User account to receive the email notifications Deep Security will send out. Go to Administration > User Management > Users and double-click on your User account to display its Properties window. Go to the Contact Information tab and enter an email address and select the Receive Alert Emails option:

In order for Deep Security to send email notification it has to be able to communicate with an SMTP server (access to an SMTP server is a requirement for email notifications). To connect the Deep Security Manager to your SMTP server, go to the Administration > System Settings > SMTP tab:

Complete the required fields in the SMTP area press test SMTP Settings at the bottom of the page when you're done. You should see a Test connection to SMTP server succeeded message. If the test fails, verify your SMTP settings, and that your server and the network allows communication on the required port numbers.

Basic configuration is complete

This completes the basic Deep Security system configuration. Deep Security is now configured to regularly contact Trend Micro for security Updates and distribute those Updates on regular basis, and it will send you email notifications when alerts are raised. Now you need to apply Deep Security protection to your computers. See Secure your endpoints with Deep Security protection modules for more information.