It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda XDR

Setting up the Trend Micro Deep Security Collector

  • Last updated on

This setup is for the XDR Collector only. If you are using a physical or virtual sensor, refer to Integrating Trend Micro Deep Security.

To set up the Trend Micro Deep Security Collector, follow the procedures below:

  • Enable Trend Micro Deep Security Collector

  • Install the XDR Collector

  • Configure the Firewall Configuration

  • Open the port on the XDR Collector Host

Enable Trend Micro Deep Security Collector

  1. In Barracuda XDR Dashboard, navigate to Administration  Integrations.

  2. On the Trend Micro Deep Security Collector card, click Setup.

    2024-02-29_11-15-54.png

  3. Select the Enable check box.

    TrendDeepSecurityEdit.png

  4. Click Save.

Install the XDR Collector

When collecting logs from one or more integrated data sources, always set up the XDR Collector on a dedicated host server. Don't use an existing server because the amount of data produced by logs can impact critical infrastructure.

Configure the Firewall

  • To add a Syslog server to the Trend Micro Deep Security Firewall, follow the steps in the Trend Micro Deep Security Documentation.

  • When entering the necessary information for each syslog server that is added, make sure that the port is pointing to 9003, not to the default port that is mentioned in the documentation.

Open the port on the XDR Collector Host

Ensure incoming traffic is allowed on UDP port 9003.

Linux

sudo ufw allow 9003/udp

Windows

netsh advfirewall firewall add rule name=“Trend Micro Deep Security Events” dir=in action=allow protocol=UDP localport=9003