Piszki Lab | EN

My case study in the clouds…

vRealize Operations Manger 6: Trend Micro Deep Security Management Pack

| 11 Comments

On the VMware VSX we can find an interesting addition to vRealize Operations Manager, this is the Trend Micro Deep Security Management (pack). The installation manual is clearly written that last supported version is really VMware Operations Manager 5.8.4. Fortunately this is partly true, after a slight modification in the script that installs the DSM certificate, can safely install the whole solution and use in vRealize Operations Manager 6.0.1. The procedure is very simple and does not differ greatly from the official installation instructions.

vcops5

In the first step we have to log in through the console to vROPS, set a password for root and enable SSH. In the console need to switch screen (ALT + F1), the root password is blank (just press enter).

vcops1

After running SSH, copy to vROPS import-cert script and Deep Security Manager certificate (if you have more in the cluster that is enough from one node). In the next step we need to modify the script to proper install the certificate in keystore or do it manually.

Line: KEYSTORE=”$ALIVE_BASE/user/conf/truststore”

Replace on: KEYSTORE=”/storage/vcops/user/conf/ssl/tcserver.truststore”

Password for keystore is in the file:

/storage/vcops/user/conf/ssl/storePass.properties (place them in a script instead of a password “oxygen”).

Run the script and install the certificate:

vcops2

In the next step, we install DeepSecurityAdapter-1.0.0.pak in vRealize Operations Manager (Administration -> Solutions -> +). If you have more than one instance of vROPS (cluster) in during adapter configuration, you must choose the correct node (ie that on which you installed the DSM certificate).

vcops3

After waiting time required for the analysis, we enjoy information on relevant dashboards.

vcops4

EDIT 2016.03.02:

A new version of Deep Security Management Pack for vRealize Operations 6.x is available from Trend Micro (please email to deepsecurityvrops[at]trendmicro.com). Installation is exactly the same as the older version (including errors in the file importcert). The new version includes three Dashboards:

vrops

 

And it works without any problem with vCenter 6, vRO 6.2 and DSM 9.6.

Rate this article:
[Total: 1    Average: 5/5]

Author: Piotr Pisz

Computer always, since I got a Commodore 64 at the end of primary school, through his beloved Amiga and Linux infinite number of consoles, until today, fully virtual day. Since 2001, Unix/Linux Systems Administrator, for seven years a faithful companion and protector of Solaris system, until his sad end. In the year 2011 came in the depths of virtualization, then smoothly ascended into the clouds and continues there today. Professionally working as Systems Architect in the Polish Security Printing Works.

11 Comments

  1. Hi Piotr!

    Have you tried vROPs 6.1 also?
    My vROPs 6.1 / DS 9.6 connection throws an Error: connecting to DSM: ; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    I’ve experimented with vcenter cert and intermediate / root ca certs inside the java keystore without success.

    best regards
    Herbert

    • Hello Herbert,
      I have vROPS 6.1 (upgraded from 6.0) and DS 9.5.3, there is no problem with this configuration. In my lab I have 6.1/9.6 with VMCA as intermediate but I have not tested here this management pack. This error indicates that you need to have both certificates (ca and intermediate) in the both keystores (in vRO and DS).
      Regards,
      Piotr

  2. Cześć Piotr!

    Sadly the chain is valid in both keystores. We will try to reproduce it with 6.0/9.6 asap.

    dziękuję
    Herbert

    • Proszę bardzo :-)

      In my laboratory has exactly the same case as yours, I failed so far to jump this error with ssl :(
      I add certs to trusted store and to /etc/ssl/certs without success.
      Let me know how you succeed.

      Regards,
      Piotr

  3. Hi Herbert.

    Change the truststore to /storage/vcops/user/conf/ssl/tcserver.truststore and get the password on /storage/vcops/user/conf/ssl/storePass.properties and restart the vROps.

  4. Hi Fernando,

    Don’t ask me why, but now with vROPs 6.2 and Deepsecurity Mgmt Pack 6 everything is working as expected.

    regards
    Herbert

  5. Update:

    If you want to try the newest management pack from trend, supported with vROPs 6.x, contact ‘rick_abbott [at] trendmicro.at’ or ‘deepsecurityvrops [at] trendmicro.com’. He wants to keep track of the customers using it.
    Included is also a Loginsight content pack.

    regards
    Herbert

  6. Dear Piszki,

    I try your step and i stuck on this step : run the command Enter the full path to the Deep Security Manager Certificate and i don’t have the putrend1.cert on the root directory of vROPs.

    Can you share to me how to install or run this script (/root/putrend1.cert) ?

    Thank you.

    • Hi Haikal,

      putrend1.cert is name of my certificate, you need to copy your own SSL cert from your DSM and then name it as you wish :-)
      Next, edit importcert and replace this line: CERT=”/root/TrendMicro/manager.cer” with your cert.

      Regards,
      Piotr

Leave a Reply

Required fields are marked *.


.

Enjoyed the post? Support Piszki Lab | EN, click on the AD! :-)

.