Hey, Guys today I’m going to talk about Trend Micro Deep Security System requirements and how you can prepare your environment for deep security installation. There are a few things that need to be considered before you install, or let’s say, prepare your environment.
For deep security manager, installation. And guys, if you know, what things need to be considered, then please pause the video and list down all the requirements in the command section below, I’m going to review each and every command written by you.
Table of Contents
Trend Micro Deep Security System Requirements
Now, hopefully, you have to write it down, your thoughts in the compensation below. Here are some requirements which we have to consider before installing a deep security manager. That is your CPU hard disk Ram internet and server operating system, as well as the database.
And also make sure that you are going to install your application, which is a deep security manager and database on the same server or on different, different servers. Like these guys. I always recommend installing a deep security manager on a different, different server. If you have more than 50 nodes now, guys, I will show you some of the reference links, which will help you to consider your system.
Prince when you prepare your server for deep security, the very first thing that should come to your mind is the number of agents on which you are going to install the deep security agent. So let’s say on find agents, I’m going to install a deep security manager. And the second point that should come into our minds number of locations.
So here I will consider that I have two locations. One is Singapore, and the second is India .that we have to consider is the agent server operating system. Like in my environment, I have windows red hat. So these types of operating systems I have. The fourth option is DSM models because some people choose all the models, which are available in deep security.
And some people only choose IPS has an engine. So basis on the requirement, please check all that, your system requires. As well as leads per the DSM model. And if in case you don’t know what this deep security model is, then please go and check out my 1st post Trend Micro Deep Security 2022 I mention all details in this post.
So in this post, we are going to consider all the DSM models, which are available. So here at a high level, I have got what are the things I have in my environment accordingly, we’ll now choose the size for our deep security manager server.
The very first thing I’m going to choose is the deep security manager operating system on which I’m going to install a deep security application. So let’s check out that.
Here is the version. So we are going with the very top one dip 20 LT. This is the latest version guys. So always go with the latest version. Okay. So right now we are on the shift system requirement page. So scroll all the way down and the basis on your expertise. You can choose windows, server, or Linux server for your installation.
Opration System for Trend Micro DSM
Here, I’m going to choose windows server 20 19 64-bit. So in my environment, I have a windows server 2019 license server. So I’ll be ensuring a deep security manager application on this server. So now my concern is to solve that where I’m going to install a deep security manager. Then that is the window server, 2019 64bit.
Required Database for Deep Security
Now, the next thing we have to consider is what the type of my database server is. Since I have 500 plus servers, that’s the reason I’m going. Your SQL server and guys, if in case we have less than 10 servers on which we are going to install the security agent, then you can go with Microsoft, your SQL server express, which is completely free.
But in my, environment, I have 1000 plus servers. Hence, I’m going to choose Microsoft your SQL server 2019. So you can also, select a SQL server version from the available. In case you want me to install a deep security manager on any of the Linux-supported databases like Oracle, then please let me know.
Now, since we are, two different locations and the agent companies have more than 1000 nods in our environment, hence here, I’m going to choose one single database.
Two DSM. That will act as a low balancing and both the servers will always act in active, active mode. And guys in case my, Deep Security manager second is goose down, then 2 DSM will take all the load. And if in case the DSM one goes down, then all load will be handled by DSM two. I prefer to go with the two DSM servers and a single database.
Required RAM for Deep Security
Here we’ll have to choose now Ram for, to choose Ram. We’ll have to go to the sizing. As I mention earlier for 1000 or less than 1000 agents, I have to go with the number twos section JVM. And in that process, memory will be 8 GB and the size requires 200 GB or two or more nodes.
So in our environment, also, we are going with the two nodes, so that much of memories, but let me show you, there’s a trick here. Check below. And here’s a trick. If you are going with the 1000 number of the node then for anti-malware itself, it requires 10 GB. And for web reputation, it requires 15 GB.
Required Hard Disk For Deep Security
Log inspection, 20 GB Firewall, 20 GB IPS, 40 GB application control 100 GB, and integrity monitoring 100GB. So the total size will require power, our 1000 agent, 300GB, but always go with the buffer basis on your retention period. Hence for five north, I’ll always recommend going with the 500 GB, or your SQL database server.
Virtual appliance sizing. But right now we are not going for the virtual appliances if you want to size you can check out the below-mentioned details.
Required Firewall Port for Deep Security
The last point is, firewall Ports should be open. If in case you are not allowed to provide full internet access to your Deep security manager server. So make sure basis on your environment, you have allowed all the ports required so that you are a deep security agent and a deep security manager can communicate with each other as you let. Smart production network and the active update server.
So please go through all the details here and carefully, firewall, port requirement image, and for module scroll all the way down, because here they have listed all the ports in detail, along with the URL required. Here you go. So white list, all these things in your firewall. The basis on what are the things you are going to use in your network.
So, a whitelist is a thing we have to consider before installing a deep security manager. So what do we learn here? Let me tell you, in deep security manager, I’ll be installing deep security manager on windows server 20 19 64. Bit for this, I would require a total of two servers with the same operating system.
The second thing is my deep security manager will be in HA mode so that it’ll work as active. The 3rd thing is my database server. So for the database, I’m going to use Microsoft SQL server 2019 enterprise or standard edition. And the 4th thing is the hard disk. So as per my requirement, I would require initially a 300 GB hard disc, but I’m just keeping a 200 GB buffer size.