On the VMware VSX we can find an interesting addition to vRealize Operations Manager, this is the Trend Micro Deep Security Management (pack). The installation manual is clearly written that last supported version is really VMware Operations Manager 5.8.4. Fortunately this is partly true, after a slight modification in the script that installs the DSM certificate, can safely install the whole solution and use in vRealize Operations Manager 6.0.1. The procedure is very simple and does not differ greatly from the official installation instructions.
In the first step we have to log in through the console to vROPS, set a password for root and enable SSH. In the console need to switch screen (ALT + F1), the root password is blank (just press enter).
After running SSH, copy to vROPS import-cert script and Deep Security Manager certificate (if you have more in the cluster that is enough from one node). In the next step we need to modify the script to proper install the certificate in keystore or do it manually.
Line: KEYSTORE=”$ALIVE_BASE/user/conf/truststore”
Replace on: KEYSTORE=”/storage/vcops/user/conf/ssl/tcserver.truststore”
Password for keystore is in the file:
/storage/vcops/user/conf/ssl/storePass.properties (place them in a script instead of a password “oxygen”).
Run the script and install the certificate:
In the next step, we install DeepSecurityAdapter-1.0.0.pak in vRealize Operations Manager (Administration -> Solutions -> +). If you have more than one instance of vROPS (cluster) in during adapter configuration, you must choose the correct node (ie that on which you installed the DSM certificate).
After waiting time required for the analysis, we enjoy information on relevant dashboards.
EDIT 2016.03.02:
A new version of Deep Security Management Pack for vRealize Operations 6.x is available from Trend Micro (please email to deepsecurityvrops[at]trendmicro.com). Installation is exactly the same as the older version (including errors in the file importcert). The new version includes three Dashboards:
And it works without any problem with vCenter 6, vRO 6.2 and DSM 9.6.
2015/11/18 at 12:12
Hi Piotr!
Have you tried vROPs 6.1 also?
My vROPs 6.1 / DS 9.6 connection throws an Error: connecting to DSM: ; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I’ve experimented with vcenter cert and intermediate / root ca certs inside the java keystore without success.
best regards
Herbert
2015/11/18 at 12:48
Hello Herbert,
I have vROPS 6.1 (upgraded from 6.0) and DS 9.5.3, there is no problem with this configuration. In my lab I have 6.1/9.6 with VMCA as intermediate but I have not tested here this management pack. This error indicates that you need to have both certificates (ca and intermediate) in the both keystores (in vRO and DS).
Regards,
Piotr
2015/11/19 at 21:07
Cześć Piotr!
Sadly the chain is valid in both keystores. We will try to reproduce it with 6.0/9.6 asap.
dziękuję
Herbert
2015/11/20 at 10:47
Proszę bardzo :-)
In my laboratory has exactly the same case as yours, I failed so far to jump this error with ssl :(
I add certs to trusted store and to /etc/ssl/certs without success.
Let me know how you succeed.
Regards,
Piotr
2015/12/18 at 19:18
Hi Herbert.
Change the truststore to /storage/vcops/user/conf/ssl/tcserver.truststore and get the password on /storage/vcops/user/conf/ssl/storePass.properties and restart the vROps.
2016/02/12 at 00:51
Hi Fernando,
Don’t ask me why, but now with vROPs 6.2 and Deepsecurity Mgmt Pack 6 everything is working as expected.
regards
Herbert
2016/02/16 at 10:35
Update:
If you want to try the newest management pack from trend, supported with vROPs 6.x, contact ‘rick_abbott [at] trendmicro.at’ or ‘deepsecurityvrops [at] trendmicro.com’. He wants to keep track of the customers using it.
Included is also a Loginsight content pack.
regards
Herbert
2016/02/16 at 13:11
Hey Herbert,
Thank You for this information, I will check this management pack!
Regards,
Piotr
2016/03/02 at 10:13
Hey Herbert,
I confirm that in vROP version 6.2 the old script works properly.
And I have new management pack from Trend Micro and also work good.
Regrads,
Piotr
2016/03/02 at 09:42
Dear Piszki,
I try your step and i stuck on this step : run the command Enter the full path to the Deep Security Manager Certificate and i don’t have the putrend1.cert on the root directory of vROPs.
Can you share to me how to install or run this script (/root/putrend1.cert) ?
Thank you.
2016/03/02 at 10:09
Hi Haikal,
putrend1.cert is name of my certificate, you need to copy your own SSL cert from your DSM and then name it as you wish :-)
Next, edit importcert and replace this line: CERT=”/root/TrendMicro/manager.cer” with your cert.
Regards,
Piotr