Deep Security Ops Tools

A set of handy tools to make it easier for Operations teams to run Trend Micro Deep Security.

Project README

Ops Tools for Deep Security

A set of handy tools to make it easier to run Deep Security.

Table of Contents

Manager Tools

Bash

config-dsRelay.sh
Query the status of, enable, or disable relay functionality on an agent
config-rehomeAwsDsManager.sh
Used by our CloudFormation projects to ensure the correct cloud connector synced object is activated
create-iamCloudAccount.sh
Create an IAM user and associated keys, then use those keys to create the DS cloud connector
rest-cloudAccountsCreateAws.sh
Create cloud accounts for all regions
rest-cloudAccountsCreateAws.sh
Create cloud account for GovCloud
rest-tenantsCreate.sh
Create new tenant

PowerShell

config-dsRelay.ps1
Query the status of, enable, or disable relay functionality on an agent
config-ipsXforwardedForRule.ps1
Create or update an IPS rule with a list of IPs to be blocked, based on the header added by an AWS ELB
config-plicy-agentcomm.ps1
Configure manager agent communication direction on a policy
get-allHostsSummary.ps1
Get a summary of all host objects in Deep Security Manager, similar to the dashboard status widget
get-amComponentVersions.ps1
Get detailed agent and AM engine versions for a host object
get-computerCreatedEvents.ps1
Get all computer created system events for a given time frame
get-firewallrules.ps1
Get all firewall rules for a given host object
get-hostIpsRules.ps1
Get all IPS rules assigned to a policy for each host object in the DSM
get-hostRecoAndAssignedRules.ps1
Get count of assigned and recommended rules for each host object in the DSM
get-macFromInterfaces.ps1
Get all interfaces and their mac addresses for a given host object
get-managedHostCounts.ps1
Get a simple count of all Unmanaged vs not Unmanaged hosts in the DSM
rest-authenticationLogin.ps1
REST call to get a Security ID token for subsequent calls. The SID returned may be used for SOAP or REST calls
rest-managerInfoComponents.ps1
REST call to get the list of current components available in the DSM
setup-dsSoap.ps1
Setup script that leaves the caller with a current token in $SID and a ManagerService instance in $DSM for use in an interactive shell. Also a starting point for authentication in new scripts

Scheduled Task Scripts

EnableStrongCiphers.script
Allows Deep Security to communicate exclusively with strong ciphers

Agent tools

awsAgentInstallSamples
UserData and CfnInit snippets for use in integrating Deep Security Agent deployment in AWS automation tooling

Bash

get-dsaPolicy.sh
Query the local DSA for its current policyid and policyname
install-dsa.sh
Working project 'one script to rule them all'; a single bash script to download, install, and activate a Deep Security Agent on any Linux distro, arch, and version

Support

This is an Open Source community project. Project contributors may be able to help, depending on their time and availability. Please be specific about what you're trying to do, your system, and steps to reproduce the problem.

For bug reports or feature requests, please open an issue. You are welcome to contribute.

Official support from Trend Micro is not available. Individual contributors may be Trend Micro employees, but are not official support.

Contribute

We accept contributions from the community. To submit changes:

  1. Fork this repository.
  2. Create a new feature branch.
  3. Make your changes.
  4. Submit a pull request with an explanation of your changes or additions.

We will review and work with you to release the code.

Open Source Agenda is not affiliated with "Deep Security Ops Tools" Project. README Source: deep-security/ops-tools