Skip to main content

Trend Micro Deep Security

This Integration is part of the Trend Micro Deep Security Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Trend Micro Deep Security This integration was integrated and tested with version 20.0 of Trend Micro Deep Security, and v1 of the API.

Changes compared to TrendMicroDsm#

Changes in commands#

  1. trendmicro-create-computer - New command.
  2. trendmicro-search-computers - New command.
  3. trendmicro-get-computer - New command.
  4. trendmicro-list-computers - New command.
  5. trendmicro-modify-computer - New command.
  6. trendmicro-delete-computer - New command.
  7. trendmicro-get-computer-setting - New command.
  8. trendmicro-modify-computer-setting - New command.
  9. trendmicro-reset-computer-setting - New command.
  10. trendmicro-list-computer-groups - New command.
  11. trendmicro-create-computer-group - New command.
  12. trendmicro-search-computer-groups - New command.
  13. trendmicro-get-computer-group - New command.
  14. trendmicro-modify-computer-group - New command.
  15. trendmicro-delete-computer-group - New command.
  16. trendmicro-search-firewall-rules - New command.
  17. trendmicro-list-firewall-rules - New command.
  18. trendmicro-create-firewall-rule - New command.
  19. trendmicro-get-firewall-rule - New command.
  20. trendmicro-modify-firewall-rule - New command.
  21. trendmicro-delete-firewall-rule - New command.
  22. trendmicro-list-firewall-rule-ids-of-computer - New command.
  23. trendmicro-add-firewall-rule-ids-to-computer - New command.
  24. trendmicro-set-firewall-rule-ids-to-computer - New command.
  25. trendmicro-get-policy - New command.
  26. trendmicro-modify-policy - New command.
  27. trendmicro-delete-policy - New command.
  28. trendmicro-get-policy-setting - New command.
  29. trendmicro-modify-policy-setting - New command.
  30. trendmicro-reset-policy-setting - New command.
  31. trendmicro-list-policies - New command.
  32. trendmicro-search-policies - New command.
  33. trendmicro-create-policy - New command.
  34. trendmicro-remove-firewall-rule-id-from-computer - New command.
  35. trendmicro-list-default-policy-settings - New command.
  36. trendmicro-get-default-policy-setting - New command.
  37. trendmicro-modify-default-policy-setting - New command.
  38. trendmicro-reset-default-policy-setting - New command.

Configure Trend Micro Deep Security in Cortex#

ParameterDescriptionRequired
Server URLServer URL for TrendMicro console. e.g: https://ip:port/True
API SecretThe API secret keyTrue
API VersionThe API version usedFalse
Trust any certificate (not secure)False
Use system proxy settingsFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

trendmicro-create-computer#


Create a new computer

Base Command#

trendmicro-create-computer

Input#

Argument NameDescriptionRequired
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
overridesShow only overrides defined for the current computer. Possible values are: true, false. Default is false.Optional
host_nameHostname of the computer.Optional
display_nameDisplay name of the computer.Optional
descriptionDescription of the computer.Optional
group_idID of the computer group to which the computer belongs.Optional
policy_idID of the policy assigned to the computer.Optional
asset_importance_idID of the asset importance assigned to the computer.Optional
relay_list_idID of the relay list that is assigned to the computer.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-create-computer host_name="example_computer"

Context Example#

{
"TrendMicro": {
"Computers": {
"ID": 217,
"agentVersion": "0.0.0.0",
"description": "",
"displayName": "",
"groupID": 0,
"hostGUID": "55793E73-1CC8-40EE-DE11-0FC0A5D7D77D",
"hostName": "example_computer",
"lastIPUsed": "",
"platform": "Unknown",
"relayListID": 0
}
}
}

Human Readable Output#

Details for the new computer example_computer#

IDHost NameGroup ID
217example_computer0

trendmicro-search-computers#


Search for specific computers by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command#

trendmicro-search-computers

Input#

Argument NameDescriptionRequired
max_itemsLimits the number of objects returned.Optional
field_nameThe field name to search for. Possible values are: hostName, displayName, description, groupID, policyID, assetImportanceID, relayListID.Required
field_typeThe type of the field. Possible values are: boolean, numeric, choice, id, string.Required
operationThe search conditional to test on the field name. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal.Required
valueThe value to compare.Required
sort_by_object_idIf true, forces the response objects to be sorted by ID, overriding the default sort order.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-search-computers field_name=groupID field_type=numeric operation=equal value=0

Context Example#

{
"TrendMicro": {
"Computers": [
{
"ID": 1,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "On"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "testq1",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28,
30
],
"state": "off"
},
"groupID": 0,
"hostGUID": "52DA6A2B-A3AD-4DA7-911C-3C8915E26BA5",
"hostName": "q1",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"policyID": 1,
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 2,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "F2E3B97E-773E-B775-167F-571C4DF1D275",
"hostName": "q2",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 3,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "950C88D8-90FD-3F4F-02E4-DF1EC0E0D801",
"hostName": "poc",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 34,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"groupID": 0,
"hostGUID": "D371794B-C7C0-A81F-8DA0-D658A26B1DD4",
"hostName": "aaaaa",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"policyID": 1,
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 166,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "6F786725-039C-CCEE-1BD2-43E63DFED122",
"hostName": "poc1",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 216,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
}
]
}
}

Human Readable Output#

Matched Computers#

IDHost NameDescriptionGroup ID
1q1Modified Test0
2q2Modified Test0
3pocModified Test0
34aaaaaModified Test0
166poc1Modified Test0
216example_computer0

trendmicro-get-computer#


Get information about a certain computer

Base Command#

trendmicro-get-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer to get.Required
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
overridesShow only overrides defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-get-computer computer_id=216

Context Example#

{
"TrendMicro": {
"Computers": {
"ID": 216,
"agentVersion": "0.0.0.0",
"description": "",
"displayName": "",
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"lastIPUsed": "",
"platform": "Unknown",
"relayListID": 0
}
}
}

Human Readable Output#

Details for the computer example_computer#

IDHost NameGroup ID
216example_computer0

trendmicro-list-computers#


Get information of all existing computers

Base Command#

trendmicro-list-computers

Input#

Argument NameDescriptionRequired
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
overridesShow only overrides defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-list-computers expand="firewall"

Context Example#

{
"TrendMicro": {
"Computers": [
{
"ID": 1,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "testq1",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28,
30
],
"state": "off"
},
"groupID": 0,
"hostGUID": "52DA6A2B-A3AD-4DA7-911C-3C8915E26BA5",
"hostName": "q1",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"policyID": 1,
"relayListID": 0
},
{
"ID": 2,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "F2E3B97E-773E-B775-167F-571C4DF1D275",
"hostName": "q2",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"relayListID": 0
},
{
"ID": 3,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "950C88D8-90FD-3F4F-02E4-DF1EC0E0D801",
"hostName": "poc",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"relayListID": 0
},
{
"ID": 34,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"groupID": 0,
"hostGUID": "D371794B-C7C0-A81F-8DA0-D658A26B1DD4",
"hostName": "aaaaa",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"policyID": 1,
"relayListID": 0
},
{
"ID": 166,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "6F786725-039C-CCEE-1BD2-43E63DFED122",
"hostName": "poc1",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"relayListID": 0
},
{
"ID": 216,
"agentVersion": "0.0.0.0",
"description": "",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"lastIPUsed": "",
"platform": "Unknown",
"relayListID": 0
}
]
}
}

Human Readable Output#

All computers list#

IDHost NameDescriptionGroup ID
1q1Modified Test0
2q2Modified Test0
3pocModified Test0
34aaaaaModified Test0
166poc1Modified Test0
216example_computer0

trendmicro-modify-computer#


Modify properties of a certain computer

Base Command#

trendmicro-modify-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer to modify.Required
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
host_nameHostname of the computer.Optional
display_nameDisplay name of the computer.Optional
descriptionDescription of the computer.Optional
group_idID of the computer group to which the computer belongs.Optional
policy_idID of the policy assigned to the computer.Optional
asset_importance_idID of the asset importance assigned to the computer.Optional
relay_list_idID of the relay list that is assigned to the computer.Optional
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-modify-computer computer_id=216 description="Example computer description"

Context Example#

{
"TrendMicro": {
"Computers": {
"ID": 216,
"agentVersion": "0.0.0.0",
"description": "Example computer description",
"displayName": "",
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492628442,
"platform": "Unknown",
"relayListID": 0
}
}
}

Human Readable Output#

Details for the computer example_computer#

IDHost NameDescriptionGroup ID
216example_computerExample computer description0

trendmicro-delete-computer#


Delete a certain computer

Base Command#

trendmicro-delete-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-computer computer_id=216

Human Readable Output#

The computer was successfully deleted!

trendmicro-get-computer-setting#


Get information about a setting of a certain computer

Base Command#

trendmicro-get-computer-setting

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputersSettings.computerIdintegerThe computer id that owns the computer
TrendMicro.ComputersSettings.namestringThe name of the setting
TrendMicro.ComputersSettings.valuestringThe value of a setting

Command Example#

!trendmicro-get-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled

Context Example#

{
"TrendMicro": {
"ComputersSettings": {
"computerId": 216,
"name": "activityMonitoringSettingActivityEnabled",
"value": "Off"
}
}
}

Human Readable Output#

Settings for computer 216#

Computer IDNameValue
activityMonitoringSettingActivityEnabledOff

trendmicro-modify-computer-setting#


Modify a setting of a certain computer

Base Command#

trendmicro-modify-computer-setting

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional
valueValue of a Setting.Required

Context Output#

PathTypeDescription
TrendMicro.ComputersSettings.computerIdintegerThe ID of the computer that owns the setting
TrendMicro.ComputersSettings.namestringThe name of the setting
TrendMicro.ComputersSettings.valuestringValue of a Setting

Command Example#

!trendmicro-modify-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled value=on

Context Example#

{
"TrendMicro": {
"ComputersSettings": {
"computerId": 216,
"name": "activityMonitoringSettingActivityEnabled",
"value": "On"
}
}
}

Human Readable Output#

Settings for computer 216#

Computer IDNameValue
activityMonitoringSettingActivityEnabledOn

trendmicro-reset-computer-setting#


Reset a setting of certain computer to its default value.

Base Command#

trendmicro-reset-computer-setting

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputersSettings.computerIdintegerThe ID of the computer that owns the setting
TrendMicro.ComputersSettings.namestringThe name of the setting
TrendMicro.ComputersSettings.valuestringThe value of the setting

Command Example#

!trendmicro-reset-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled

Context Example#

{
"TrendMicro": {
"ComputersSettings": {
"computerId": 216,
"name": "activityMonitoringSettingActivityEnabled",
"value": "Off"
}
}
}

Human Readable Output#

Settings for computer 216#

Computer IDNameValue
activityMonitoringSettingActivityEnabledOff

trendmicro-list-computer-groups#


Get information about all existing computer groups

Base Command#

trendmicro-list-computer-groups

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-list-computer-groups

Context Example#

{
"TrendMicro": {
"ComputerGroups": [
{
"ID": 1,
"description": "Testing Group",
"name": "PoC Group",
"type": "folder"
},
{
"ID": 100,
"description": "Test Group",
"name": "Test",
"parentGroupID": 1,
"type": "folder"
},
{
"ID": 110,
"description": "",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
]
}
}

Human Readable Output#

Computer Groups#

IDNameDescriptionParent Group ID
1PoC GroupTesting Group
100TestTest Group1
110Example Computer Group1

trendmicro-create-computer-group#


Create a new computer group

Base Command#

trendmicro-create-computer-group

Input#

Argument NameDescriptionRequired
nameName of the computer group.Required
descriptionDescription of the computer group.Optional
parent_group_idID of the computer group's parent group.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-create-computer-group name="Example Computer Group" description="Example computer group description" parent_group_id=1

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 111,
"description": "Example computer group description",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Computer Groups#

IDNameDescriptionParent Group ID
111Example Computer GroupExample computer group description1

trendmicro-search-computer-groups#


Search for specific computer groups by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command#

trendmicro-search-computer-groups

Input#

Argument NameDescriptionRequired
max_itemsLimits the number of objects returned.Optional
field_nameThe name of the field. Possible values are: ID, type, name, description, parentGroupID.Required
field_typeThe type of the field. Possible values are: boolean, numeric, choice, id, string.Required
operationThe operation to compare with. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal.Required
valueThe value compare against the field name.Required
sort_by_object_idIf true, forces the response objects to be sorted by ID, overriding the default sort order.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-search-computer-groups field_name=ID operation=equal field_type=id value=110

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 110,
"description": "",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Matched Computer Groups#

IDNameParent Group ID
110Example Computer Group1

trendmicro-get-computer-group#


Get information of a certain computer group

Base Command#

trendmicro-get-computer-group

Input#

Argument NameDescriptionRequired
computer_group_idThe ID number of the computer group to get.Required

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-get-computer-group computer_group_id=110

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 110,
"description": "",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Computer Group 110 Details#

IDNameParent Group ID
110Example Computer Group1

trendmicro-modify-computer-group#


Modify the properties of a certain computer group

Base Command#

trendmicro-modify-computer-group

Input#

Argument NameDescriptionRequired
computer_group_idThe ID number of the computer group to modify.Required
nameName of the computer group.Optional
descriptionDescription of the computer group.Optional
parent_group_idID of the computer group's parent group.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-modify-computer-group computer_group_id=110 description="Example computer group description"

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 110,
"description": "Example computer group description",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Computer Group#

IDNameDescriptionParent Group ID
110Example Computer GroupExample computer group description1

trendmicro-delete-computer-group#


Delete a certain computer group

Base Command#

trendmicro-delete-computer-group

Input#

Argument NameDescriptionRequired
computer_group_idThe ID number of the computer group to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-computer-group computer_group_id=110

Human Readable Output#

The computer group was successfully deleted!

trendmicro-search-firewall-rules#


Search for specific firewall rules by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command#

trendmicro-search-firewall-rules

Input#

Argument NameDescriptionRequired
max_itemsLimits the number of objects returned.Optional
field_nameThe field name to search. Possible values are: ID, name, description, action, priority, direction, frameType, frameNumber, frameNot, protocol, protocolNumber, protocolNot, sourceIPType, sourceIPValue, sourceIPMask, sourceIPRangeFrom, sourceIPRangeTo, sourceIPMultiple, sourceIPListID, sourceIPNot, sourceMACType, sourceMACValue, sourceMACMultiple, sourceMACListID, sourceMACNot, sourcePortType, sourcePortMultiple, sourcePortListID, sourcePortNot, destinationIPType, destinationIPValue, destinationIPMask, destinationIPRangeFrom, destinationIPRangeTo, destinationIPMultiple, destinationIPListID, destinationIPNot, destinationMACType, destinationMACValue, destinationMACMultiple, destinationMACListID, destinationMACNot, destinationPortType, destinationPortMultiple, destinationPortListID, destinationPortNot, anyFlags, logDisabled, includePacketData, alertEnabled, scheduleID, contextID.Required
field_typeThe field type. Possible values are: boolean, numeric, choice, id, string. Default is string.Optional
operationThe operation to test against the field. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal.Required
valueThe value to compare against the field.Required
sort_by_object_idIf true, forces the response objects to be sorted by ID, overriding the default sort order.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhther the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhther the ICMP settings are inverted or not

Command Example#

!trendmicro-search-firewall-rules field_name="action" field_type="choice" operation="equal" value="allow"

Context Example#

{
"TrendMicro": {
"FirewallRules": [
{
"ID": 20,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Agent",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 11,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Agent",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 21,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to VMware vCenter Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 12,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "VMware vCenter Server",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 22,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow Deep Security as a Service inbound communications",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPMask": "255.255.255.0",
"sourceIPNot": false,
"sourceIPType": "masked-ip",
"sourceIPValue": "1.1.1.1",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortMultiple": [
"4118"
],
"sourcePortNot": false,
"sourcePortType": "multiple"
},
{
"ID": 24,
"TCPNot": true,
"action": "allow",
"alertEnabled": false,
"anyFlags": false,
"description": "UDP stateful and TCP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited TCP/UDP replies",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any",
"tcpflags": [
"syn"
]
},
{
"ID": 25,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "ICMP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited ICMP replies",
"priority": "0",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 32,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an FTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 81,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "FTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 35,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Manager",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 82,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Manager",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 36,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an Microsoft Exchange Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 83,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Microsoft Exchange Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 37,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 85,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec IKE",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 38,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Encryption",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 39,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Authentication",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 51,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 40,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to a Domain Controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 86,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Controller (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 42,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to a Web Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 77,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Web Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 43,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 111,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access SSH",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 44,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic from the domain controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Client (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPListID": 4,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 88,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 46,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to an SMTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 103,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "SMTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 47,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 110,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IDENT",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 52,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 76,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access RDP",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 53,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 98,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "POP3 Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 54,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 105,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IMAP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 55,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 101,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Computer Associates Unicenter",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 56,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 97,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Veritas",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 70,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34915,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Discovery",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 71,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34916,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Session",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 72,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Generic Routing Encapsulation",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 75,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 76,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule1",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 77,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule2",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 133,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "None",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 166,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "UDP",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 174,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
]
}
}

Human Readable Output#

Matched Firewall Rules#

IDNameDescriptionDirectionAction
20Deep Security AgentAllow incoming traffic to Deep Security Agentincomingallow
21VMware vCenter ServerAllow incoming traffic to VMware vCenter Serverincomingallow
22Allow Deep Security as a Service inbound communicationsincomingallow
24Allow solicited TCP/UDP repliesUDP stateful and TCP stateful must be enabledincomingallow
25Allow solicited ICMP repliesICMP stateful must be enabledincomingallow
32FTP ServerAllow incoming traffic to an FTP Serverincomingallow
35Deep Security ManagerAllow incoming traffic to Deep Security Managerincomingallow
36Microsoft Exchange ServerAllow incoming traffic to an Microsoft Exchange Serverincomingallow
37IPSec IKEincomingallow
38IPSec Encryptionincomingallow
39IPSec Authenticationincomingallow
40Domain Controller (TCP)Allow incoming traffic to a Domain Controllerincomingallow
42Web ServerAllow incoming TCP traffic to a Web Serverincomingallow
43Remote Access SSHAllow remote access to machinesincomingallow
44Domain Client (TCP)Allow incoming traffic from the domain controllerincomingallow
46SMTP ServerAllow incoming TCP traffic to an SMTP Serverincomingallow
47IDENTincomingallow
52Remote Access RDPAllow remote access to machinesincomingallow
53POP3 Serverincomingallow
54IMAP Serverincomingallow
55Computer Associates Unicenterincomingallow
56Veritasincomingallow
70Allow PPPOE Discoveryincomingallow
71Allow PPPOE Sessionincomingallow
72Generic Routing Encapsulationincomingallow
75poc_ruleincomingallow
76poc_rule1incomingallow
77poc_rule2incomingallow
133Noneincomingallow
166UDPincomingallow
174Example Ruleincomingallow

trendmicro-list-firewall-rules#


List all existing firewall rules

Base Command#

trendmicro-list-firewall-rules

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhther the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhther the ICMP settings are inverted or not

Command Example#

!trendmicro-list-firewall-rules

Context Example#

{
"TrendMicro": {
"FirewallRules": [
{
"ID": 1,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 4,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 8,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - Domain Client (UDP)",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 2,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - GRE",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 3,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 5,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 77,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - HTTP(S)",
"priority": "2",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 4,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - ICMP Echo Request",
"priority": "2",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 5,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - IPSec Encryption",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 6,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 10,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - VPN Tunnel",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 7,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - Wireless Authentication",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 8,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - ARP",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 9,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 92,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - DNS",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 10,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - GRE",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 11,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - ICMP Echo Request",
"priority": "2",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 12,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - IPSec Encryption",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 13,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 10,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - VPN Tunnel",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 14,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - ARP Outgoing",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 15,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - DHCP Client Incoming",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 78,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 16,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - DHCP Client Outgoing",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 79,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 17,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Wireless Authentication Incoming",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 18,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Wireless Authentication Outgoing",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 19,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 90,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Netbios Name Service Outgoing",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 90,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 20,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Agent",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 11,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Agent",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 21,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to VMware vCenter Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 12,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "VMware vCenter Server",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 22,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow Deep Security as a Service inbound communications",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPMask": "255.255.255.0",
"sourceIPNot": false,
"sourceIPType": "masked-ip",
"sourceIPValue": "1.1.1.1",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortMultiple": [
"4118"
],
"sourcePortNot": false,
"sourcePortType": "multiple"
},
{
"ICMPCode": 4,
"ICMPNot": false,
"ICMPType": 3,
"ID": 23,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": false,
"description": "This ICMP packet is used for MTU path negotiation",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow ICMP type 3 code 4",
"priority": "4",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 24,
"TCPNot": true,
"action": "allow",
"alertEnabled": false,
"anyFlags": false,
"description": "UDP stateful and TCP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited TCP/UDP replies",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any",
"tcpflags": [
"syn"
]
},
{
"ID": 25,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "ICMP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited ICMP replies",
"priority": "0",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 26,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow DHCP Offer traffic to a DHCP Client",
"destinationIPListID": 2,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 79,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "DHCP Client",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 78,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 27,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"description": "Ingress filter to deny incoming spoofed packets",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deny Internal IP Ranges",
"priority": "4",
"protocol": "any",
"protocolNot": false,
"sourceIPListID": 3,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 28,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming ARP traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "ARP",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 29,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "For hosts that rely on NetBios for name resolution",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 90,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "NetBios Name Service",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 90,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 30,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming DHCP requests to a DHCP server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 78,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "DHCP Server",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 79,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 31,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow wireless authentication traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Wireless Authentication",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 32,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an FTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 81,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "FTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 33,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to a Microsoft SQL server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 108,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Microsoft SQL Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 34,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an Oracle SQL server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 107,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Oracle SQL Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 35,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Manager",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 82,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Manager",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 36,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an Microsoft Exchange Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 83,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Microsoft Exchange Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 37,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 85,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec IKE",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 38,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Encryption",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 39,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Authentication",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 51,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 40,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to a Domain Controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 86,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Controller (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 41,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to a Domain Controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 87,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Controller (UDP)",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 42,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to a Web Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 77,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Web Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 43,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 111,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access SSH",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 44,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic from the domain controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Client (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPListID": 4,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 88,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 45,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic from the domain controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Client (UDP)",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPListID": 4,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 89,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 46,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to an SMTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 103,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "SMTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 47,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 110,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IDENT",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 48,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming DNS requests to a DNS server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 92,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "DNS Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ICMPCode": 0,
"ICMPNot": false,
"ICMPType": 8,
"ID": 49,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": false,
"description": "Allow incoming Ping requests",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "ICMP Echo Request",
"priority": "2",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 50,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow Network Time Protocol traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 109,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Network Time Protocol",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 51,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow file sharing traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 93,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Windows File Sharing",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 52,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 76,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access RDP",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 53,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 98,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "POP3 Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 54,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 105,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IMAP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 55,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 101,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Computer Associates Unicenter",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 56,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 97,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Veritas",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 57,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 106,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "MySQL Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 58,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 99,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "WINS",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 59,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 104,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "WINS Registration",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 60,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 100,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "WINS Replication",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 61,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 90,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Netbios Name Service Incoming",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 90,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 62,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - ARP Incoming",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 63,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "Log packets blocked due to Restricted Interface Enforcement policy",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 0,
"frameType": "any",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Enforcement",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 64,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 4,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 8,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - Domain Client (TCP)",
"priority": "2",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 65,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - ARP",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 66,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 92,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - DNS",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 67,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "When remotely connected to domain only corporate traffic is allowed",
"destinationIPListID": 6,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 68,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "Log packets blocked due to Remote Domain Enforcement policy",
"destinationIPListID": 7,
"destinationIPNot": true,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Enforcement (Split Tunnel)",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 69,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "Log packets blocked due to Off Domain Enforcement policy",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 0,
"frameType": "any",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Enforcement",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 70,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34915,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Discovery",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 71,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34916,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Session",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 72,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Generic Routing Encapsulation",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 73,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - DHCP Client",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 79,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 75,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 76,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule1",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 77,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule2",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 133,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "None",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 166,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "UDP",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 174,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
]
}
}

Human Readable Output#

Firewall Rules#

IDNameDescriptionDirectionAction
1Off Domain Exceptions - Domain Client (UDP)outgoingforce-allow
2Off Domain Exceptions - GREoutgoingforce-allow
3Off Domain Exceptions - HTTP(S)outgoingforce-allow
4Off Domain Exceptions - ICMP Echo Requestoutgoingforce-allow
5Off Domain Exceptions - IPSec Encryptionoutgoingforce-allow
6Off Domain Exceptions - VPN Tunneloutgoingforce-allow
7Off Domain Exceptions - Wireless Authenticationoutgoingforce-allow
8Remote Domain Exceptions - ARPoutgoingforce-allow
9Remote Domain Exceptions - DNSoutgoingforce-allow
10Remote Domain Exceptions - GREoutgoingforce-allow
11Remote Domain Exceptions - ICMP Echo Requestoutgoingforce-allow
12Remote Domain Exceptions - IPSec Encryptionoutgoingforce-allow
13Remote Domain Exceptions - VPN Tunneloutgoingforce-allow
14Restricted Interface Exceptions - ARP Outgoingoutgoingforce-allow
15Restricted Interface Exceptions - DHCP Client Incomingincomingforce-allow
16Restricted Interface Exceptions - DHCP Client Outgoingoutgoingforce-allow
17Restricted Interface Exceptions - Wireless Authentication Incomingincomingforce-allow
18Restricted Interface Exceptions - Wireless Authentication Outgoingoutgoingforce-allow
19Restricted Interface Exceptions - Netbios Name Service Outgoingoutgoingforce-allow
20Deep Security AgentAllow incoming traffic to Deep Security Agentincomingallow
21VMware vCenter ServerAllow incoming traffic to VMware vCenter Serverincomingallow
22Allow Deep Security as a Service inbound communicationsincomingallow
23Allow ICMP type 3 code 4This ICMP packet is used for MTU path negotiationincomingforce-allow
24Allow solicited TCP/UDP repliesUDP stateful and TCP stateful must be enabledincomingallow
25Allow solicited ICMP repliesICMP stateful must be enabledincomingallow
26DHCP ClientAllow DHCP Offer traffic to a DHCP Clientincomingforce-allow
27Deny Internal IP RangesIngress filter to deny incoming spoofed packetsincomingdeny
28ARPAllow incoming ARP trafficincomingforce-allow
29NetBios Name ServiceFor hosts that rely on NetBios for name resolutionincomingforce-allow
30DHCP ServerAllow incoming DHCP requests to a DHCP serverincomingforce-allow
31Wireless AuthenticationAllow wireless authentication trafficincomingforce-allow
32FTP ServerAllow incoming traffic to an FTP Serverincomingallow
33Microsoft SQL ServerAllow incoming TCP traffic to a Microsoft SQL serverincomingforce-allow
34Oracle SQL ServerAllow incoming traffic to an Oracle SQL serverincomingforce-allow
35Deep Security ManagerAllow incoming traffic to Deep Security Managerincomingallow
36Microsoft Exchange ServerAllow incoming traffic to an Microsoft Exchange Serverincomingallow
37IPSec IKEincomingallow
38IPSec Encryptionincomingallow
39IPSec Authenticationincomingallow
40Domain Controller (TCP)Allow incoming traffic to a Domain Controllerincomingallow
41Domain Controller (UDP)Allow incoming traffic to a Domain Controllerincomingforce-allow
42Web ServerAllow incoming TCP traffic to a Web Serverincomingallow
43Remote Access SSHAllow remote access to machinesincomingallow
44Domain Client (TCP)Allow incoming traffic from the domain controllerincomingallow
45Domain Client (UDP)Allow incoming traffic from the domain controllerincomingforce-allow
46SMTP ServerAllow incoming TCP traffic to an SMTP Serverincomingallow
47IDENTincomingallow
48DNS ServerAllow incoming DNS requests to a DNS serverincomingforce-allow
49ICMP Echo RequestAllow incoming Ping requestsincomingforce-allow
50Network Time ProtocolAllow Network Time Protocol trafficincomingforce-allow
51Windows File SharingAllow file sharing trafficincomingforce-allow
52Remote Access RDPAllow remote access to machinesincomingallow
53POP3 Serverincomingallow
54IMAP Serverincomingallow
55Computer Associates Unicenterincomingallow
56Veritasincomingallow
57MySQL Serverincomingforce-allow
58WINSincomingforce-allow
59WINS Registrationincomingforce-allow
60WINS Replicationincomingforce-allow
61Restricted Interface Exceptions - Netbios Name Service Incomingincomingforce-allow
62Restricted Interface Exceptions - ARP Incomingincomingforce-allow
63Restricted Interface EnforcementLog packets blocked due to Restricted Interface Enforcement policyoutgoingdeny
64Off Domain Exceptions - Domain Client (TCP)outgoingforce-allow
65Off Domain Exceptions - ARPoutgoingforce-allow
66Off Domain Exceptions - DNSoutgoingforce-allow
67Remote Domain ExceptionsWhen remotely connected to domain only corporate traffic is allowedoutgoingforce-allow
68Remote Domain Enforcement (Split Tunnel)Log packets blocked due to Remote Domain Enforcement policyoutgoingdeny
69Off Domain EnforcementLog packets blocked due to Off Domain Enforcement policyoutgoingdeny
70Allow PPPOE Discoveryincomingallow
71Allow PPPOE Sessionincomingallow
72Generic Routing Encapsulationincomingallow
73Off Domain Exceptions - DHCP Clientoutgoingforce-allow
75poc_ruleincomingallow
76poc_rule1incomingallow
77poc_rule2incomingallow
133Noneincomingallow
166UDPincomingallow
174Example Ruleincomingallow

trendmicro-create-firewall-rule#


Create a new firewall rule

Base Command#

trendmicro-create-firewall-rule

Input#

Argument NameDescriptionRequired
nameName of the firewall rule.Required
descriptionDescription of the firewall rule.Optional
actionAction of the packet filter. Possible values are: log-only, allow, deny, force-allow, bypass.Required
priorityPriority of the packet filter. Possible values are: 0, 1, 2, 3, 4.Optional
directionPacket direction. Possible values are: incoming, outgoing.Required
frame_typeSupported frame types. Possible values are: any, ip, arp, revarp, ipv4, ipv6, other.Optional
frame_numberEthernet frame number.Optional
frame_notControls if the frame setting should be inverted.Optional
protocolProtocol. Possible values are: any, icmp, igmp, ggp, tcp, udp, pup, idp, nd, raw, tcp-udp, icmpv6, other.Optional
protocol_numberTwo-byte protocol number.Optional
protocol_notControls if the protocol setting should be inverted.Optional
source_ip_typeSource IP type. Possible values are: any, single, multiple, masked-ip, range, ip-list.Optional
source_ip_valueSource IP.Optional
source_ip_maskSource IP mask.Optional
source_ip_range_fromThe first value for a range of source IP addresses.Optional
source_ip_range_toThe last value for a range of source IP addresses.Optional
source_ip_multipleList of source IP addresses.Optional
source_ip_list_idID of source IP list.Optional
source_ip_notControls if the source IP setting should be inverted.Optional
source_mac_typeSource MAC type. Possible values are: any, single, multiple, mac-list.Optional
source_mac_valueSource MAC address.Optional
source_mac_multipleList of MAC addresses.Optional
source_mac_list_idID of MAC address list.Optional
source_mac_notControls if the source MAC setting should be inverted.Optional
source_port_typeThe type of source port. Possible values are: any, multiple, port-list.Optional
source_port_multipleList of comma-delimited source ports.Optional
source_port_list_idID of source port list.Optional
source_port_notControls if the source port setting should be inverted.Optional
destination_ip_typeDestination IP type. Possible values are: any, single, multiple, range, masked-ip, ip-list.Optional
destination_ip_valueDestination IP.Optional
destination_ip_maskDestination IP mask.Optional
destination_ip_range_fromThe first value for a range of destination IP addresses.Optional
destination_ip_range_toThe last value for a range of destination IP addresses.Optional
destination_ip_multipleList of comma-delimited destination IP addresses.Optional
destination_ip_list_idID of destination IP list.Optional
destination_ip_notControls if the destination IP setting should be inverted.Optional
destination_mac_typeDestination MAC type. Possible values are: any, single, multiple, mac-list.Optional
destination_mac_valueDestination MAC address.Optional
destination_mac_multipleList of comma-delimited MAC addresses.Optional
destination_mac_list_idID of MAC address list.Optional
destination_mac_notControls if the destination MAC setting should be inverted.Optional
destination_port_typeThe type of destination port. Possible values are: any, multiple, port-list.Optional
destination_port_multipleList of comma-delimited destination ports.Optional
destination_port_list_idID of destination port list.Optional
destination_port_notControls if the destination port setting should be inverted.Optional
any_flagsTrue if any flags are used.Optional
log_disabledControls if logging for this filter is disabled.Optional
include_packet_dataControls if this filter should capture data for every log.Optional
alert_enabledControls if this filter should be alerted on.Optional
schedule_idID of the schedule to control when this filter is "on".Optional
context_idRuleContext that is applied to this filter.Optional
tcpflagsThe TCP flags the rule should filter by. Possible values are: syn, ack, psh, urg, fin, rst.Optional
tcp_notControls if the TCP settings should be inverted.Optional
icmp_typeThe ICMP type the rule should filter by.Optional
icmp_codeThe ICMP code the rule should filter by.Optional
icmp_notControls if the ICMP settings should be inverted.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhether the TCP settings are inverted
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhether the ICMP settings are inverted

Command Example#

!trendmicro-create-firewall-rule name="Example Rule" action=allow protocol=udp direction=incoming

Context Example#

{
"TrendMicro": {
"FirewallRules": {
"ID": 175,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
}
}

Human Readable Output#

Firewall Rules#

IDNameDirectionAction
175Example Ruleincomingallow

trendmicro-get-firewall-rule#


Get information about a certain firewall rule

Base Command#

trendmicro-get-firewall-rule

Input#

Argument NameDescriptionRequired
firewall_rule_idThe ID number of the firewall rule to get.Required

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhether the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhether the ICMP settings are inverted or not

Command Example#

!trendmicro-get-firewall-rule firewall_rule_id=174

Context Example#

{
"TrendMicro": {
"FirewallRules": {
"ID": 174,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
}
}

Human Readable Output#

Details of The Firewall Rule 174#

IDNameDirectionAction
174Example Ruleincomingallow

trendmicro-modify-firewall-rule#


Modify the properties of a certain firewall rule

Base Command#

trendmicro-modify-firewall-rule

Input#

Argument NameDescriptionRequired
firewall_rule_idThe ID number of the firewall rule to modify.Required
nameName of the firewall rule.Optional
descriptionDescription of the firewall rule.Optional
actionAction of the packet filter. Possible values are: log-only, allow, deny, force-allow, bypass.Optional
priorityPriority of the packet filter. Possible values are: 0, 1, 2, 3, 4.Optional
directionPacket direction. Possible values are: incoming, outgoing.Optional
frame_typeSupported frame types. Possible values are: any, ip, arp, revarp, ipv4, ipv6, other.Optional
frame_numberEthernet frame number.Optional
frame_notControls if the frame setting should be inverted.Optional
protocolProtocol. Possible values are: any, icmp, igmp, ggp, tcp, pup, udp, idp, nd, raw, tcp-udp, icmpv6, other.Optional
protocol_numberTwo-byte protocol number.Optional
protocol_notControls if the protocol setting should be inverted.Optional
source_ip_typeSource IP type. Possible values are: any, masked-ip, range, ip-list, single, multiple.Optional
source_ip_valueSource IP.Optional
source_ip_maskSource IP mask.Optional
source_ip_range_fromThe first value for a range of source IP addresses.Optional
source_ip_range_toThe last value for a range of source IP addresses.Optional
source_ip_multipleList of source IP addresses.Optional
source_ip_list_idID of source IP list.Optional
source_ip_notControls if the source IP setting should be inverted.Optional
source_mac_typeSource MAC type. Possible values are: any, single, mac-list, multiple.Optional
source_mac_valueSource MAC address.Optional
source_mac_multipleList of MAC addresses.Optional
source_mac_list_idID of MAC address list.Optional
source_mac_notControls if the source MAC setting should be inverted.Optional
source_port_typeThe type of source port. Possible values are: any, multiple, port-list.Optional
source_port_multipleList of comma-delimited source ports.Optional
source_port_list_idID of source port list.Optional
source_port_notControls if the source port setting should be inverted.Optional
destination_ip_typeDestination IP type. Possible values are: any, single, multiple, range, masked-ip, ip-list.Optional
destination_ip_valueDestination IP.Optional
destination_ip_maskDestination IP mask.Optional
destination_ip_range_fromThe first value for a range of destination IP addresses.Optional
destination_ip_range_toThe last value for a range of destination IP addresses.Optional
destination_ip_multipleList of comma-delimited destination IP addresses.Optional
destination_ip_list_idID of destination IP list.Optional
destination_ip_notControls if the destination IP setting should be inverted.Optional
destination_mac_typeDestination MAC type. Possible values are: any, single, multiple, mac-list.Optional
destination_mac_valueDestination MAC address.Optional
destination_mac_multipleList of comma-delimited MAC addresses.Optional
destination_mac_list_idID of MAC address list.Optional
destination_mac_notControls if the destination MAC setting should be inverted.Optional
destination_port_typeThe type of destination port. Possible values are: any, port-list, multiple.Optional
destination_port_multipleList of comma-delimited destination ports.Optional
destination_port_list_idID of destination port list.Optional
destination_port_notControls if the destination port setting should be inverted.Optional
any_flagsTrue if any flags are used.Optional
log_disabledControls if logging for this filter is disabled.Optional
include_packet_dataControls if this filter should capture data for every log.Optional
alert_enabledControls if this filter should be alerted on.Optional
schedule_idID of the schedule to control when this filter is "on".Optional
context_idRuleContext that is applied to this filter.Optional
tcpflagsThe TCP flags the rule should filter by. Possible values are: syn, ack, psh, urg, fin, rst.Optional
tcp_notControls if the TCP settings should be inverted.Optional
icmp_typeThe ICMP type the rule should filter by.Optional
icmp_codeThe ICMP code the rule should filter by.Optional
icmp_notControls if the ICMP settings should be inverted.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhether the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhether the ICMP settings are inverted or not

Command Example#

!trendmicro-modify-firewall-rule firewall_rule_id=174 action=deny

Context Example#

{
"TrendMicro": {
"FirewallRules": {
"ID": 174,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
}
}

Human Readable Output#

Details About The Modified Firewall Rule 174#

IDNameDirectionAction
174Example Ruleincomingdeny

trendmicro-delete-firewall-rule#


Delete a certain firewall rule

Base Command#

trendmicro-delete-firewall-rule

Input#

Argument NameDescriptionRequired
firewall_rule_idThe ID number of the firewall rule to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-firewall-rule firewall_rule_id=174

Human Readable Output#

The firewall rule was successfully deleted!

trendmicro-list-firewall-rule-ids-of-computer#


List all IDs of the firewall rules that are assigned to a certain computer

Base Command#

trendmicro-list-firewall-rule-ids-of-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
overridesReturn only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallAssignments.assignedRuleIDsarrayList of assigned firewall rule IDs

Command Example#

!trendmicro-list-firewall-rule-ids-of-computer computer_id=216

Context Example#

{
"TrendMicro": {
"FirewallAssignments": {
"assignedRuleIDs": []
}
}
}

Human Readable Output#

The firewall rules IDs that are assigned to 216:

trendmicro-add-firewall-rule-ids-to-computer#


Add firewall rule IDs to a certain computer

Base Command#

trendmicro-add-firewall-rule-ids-to-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
overridesReturn only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false.Optional
rule_idsThe rule IDs to add to the computer.Required

Context Output#

PathTypeDescription
TrendMicro.FirewallAssignments.assignedRuleIDsarrayList of assigned firewall rule IDs

Command Example#

!trendmicro-add-firewall-rule-ids-to-computer computer_id=216 rule_ids=31

Context Example#

{
"TrendMicro": {
"FirewallAssignments": {
"assignedRuleIDs": [
21,
22,
31
]
}
}
}

Human Readable Output#

The firewall rules IDs that are assigned to computer 216: 21, 22, 31

trendmicro-set-firewall-rule-ids-to-computer#


Assign firewall rule IDs to a certain computer

Base Command#

trendmicro-set-firewall-rule-ids-to-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
overridesReturn only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false.Optional
rule_idsThe rule IDs to assign to the computer.Required

Context Output#

PathTypeDescription
TrendMicro.FirewallAssignments.assignedRuleIDsarrayList of assigned firewall rule IDs

Command Example#

!trendmicro-set-firewall-rule-ids-to-computer computer_id=216 rule_ids=21,22

Context Example#

{
"TrendMicro": {
"FirewallAssignments": {
"assignedRuleIDs": [
21,
22
]
}
}
}

Human Readable Output#

The firewall rules IDs that are assigned to computer 216: 21, 22

trendmicro-get-policy#


Get information about a certain policy

Base Command#

trendmicro-get-policy

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy to get.Required
overridesShow only overrides defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-get-policy policy_id=105

Context Example#

{
"TrendMicro": {
"Policies": {
"ID": 105,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Example policy description",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Example Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
}
}
}

Human Readable Output#

Details About The Policy 105#

IDNameDescription
105Example PolicyExample policy description

trendmicro-modify-policy#


Modify a certain policy

Base Command#

trendmicro-modify-policy

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy to modify.Required
overridesShow only overrides defined for the current policy. Possible values are: true, false. Default is false.Optional
parent_idID of the parent policy.Optional
nameName of the policy.Optional
descriptionDescription of the policy.Optional
recommendation_scan_modeEnable or disable ongoing recommendation scans for computers assigned this policy.Optional
auto_requires_updateAutomatically update computers assigned this policy when the configuration changes.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-modify-policy policy_id=105 description="Example policy description"

Context Example#

{
"TrendMicro": {
"Policies": {
"ID": 105,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Example policy description",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Example Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
}
}
}

Human Readable Output#

Details About The Policy 105#

IDNameDescription
105Example PolicyExample policy description

trendmicro-delete-policy#


Delete a certain policy

Base Command#

trendmicro-delete-policy

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-policy policy_id=105

Human Readable Output#

The policy was successfully deleted!

trendmicro-get-policy-setting#


Get information about a setting of a certain policy

Base Command#

trendmicro-get-policy-setting

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy.Required
nameThe name of the policy setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.PolicySettings.policyIdintegerPolicy ID of a Setting
TrendMicro.PolicySettings.namestringName of a Setting
TrendMicro.PolicySettings.valuestringValue of a Setting

Command Example#

!trendmicro-get-policy-setting policy_id=105 name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled

Context Example#

{
"TrendMicro": {
"PolicySettings": {
"name": "firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled",
"policyId": 105,
"value": "false"
}
}
}

Human Readable Output#

The Policy Setting#

Policy IdNameValue
105firewallSettingEngineOptionGenerateConnectionEventsUdpEnabledfalse

trendmicro-modify-policy-setting#


Modify the value of a setting of a certain policy

Base Command#

trendmicro-modify-policy-setting

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional
valueValue of a Setting.Optional

Context Output#

PathTypeDescription
TrendMicro.PolicySettings.policyIdintegerPolicy Id of a Setting
TrendMicro.PolicySettings.namestringName of a Setting
TrendMicro.PolicySettings.valuestringValue of a Setting

Command Example#

!trendmicro-modify-policy-setting name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled policy_id=105 value=true

Context Example#

{
"TrendMicro": {
"PolicySettings": {
"name": "firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled",
"policyId": 105,
"value": "true"
}
}
}

Human Readable Output#

The Policy Setting:#

Policy IdNameValue
105firewallSettingEngineOptionGenerateConnectionEventsUdpEnabledtrue

trendmicro-reset-policy-setting#


Reset the value of a setting of a certain policy

Base Command#

trendmicro-reset-policy-setting

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy.Required
nameThe name of the policy setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.PolicySettings.policyIdintegerPolicy Id of a Setting
TrendMicro.PolicySettings.namestringName of a Setting
TrendMicro.PolicySettings.valuestringValue of a Setting

Command Example#

!trendmicro-reset-policy-setting name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled policy_id=105

Context Example#

{
"TrendMicro": {
"PolicySettings": {
"name": "firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled",
"policyId": 105,
"value": "false"
}
}
}

Human Readable Output#

The Policy Setting#

Policy IdNameValue
105firewallSettingEngineOptionGenerateConnectionEventsUdpEnabledfalse

trendmicro-list-policies#


List all existing policies

Base Command#

trendmicro-list-policies

Input#

Argument NameDescriptionRequired
overridesShow only overrides defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-list-policies

Context Example#

{
"TrendMicro": {
"Policies": [
{
"ID": 1,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "A policy from which all other policies can inherit. Only the most general settings should be applied to this policy as they will apply to all policies that inherit from it, unless overridden. More specific settings and rules should be added to sub-policies that are assigned to computers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Base Policy",
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 2,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy from which all the example Windows policies inherit. Any settings that are common to all Windows policies can be set here.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Windows",
"parentID": 1,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 3,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy for Windows Server 2012 servers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 22 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
33,
34,
36,
42,
46,
47,
48,
49,
52,
53,
54,
57,
58,
59,
60
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 27 rules"
},
"ruleIDs": [
1,
2,
3,
4,
5,
6,
11,
12,
13,
14,
17,
19,
20,
23,
24,
38,
53,
54,
57,
62,
64,
103,
144,
151,
157,
159,
163
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 5 rules"
},
"ruleIDs": [
18,
27,
28,
44,
75
],
"state": "on"
},
"name": "Windows Server 2012",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 4,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy for Windows Server 2008 servers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 22 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
33,
34,
36,
42,
46,
47,
48,
49,
52,
53,
54,
57,
58,
59,
60
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 27 rules"
},
"ruleIDs": [
1,
2,
3,
4,
5,
6,
11,
12,
13,
14,
17,
19,
20,
23,
24,
38,
53,
54,
57,
62,
64,
103,
144,
151,
157,
159,
163
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 5 rules"
},
"ruleIDs": [
18,
27,
28,
44,
75
],
"state": "on"
},
"name": "Windows Server 2008",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 5,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy for Windows Server 2003 servers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 22 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
33,
34,
36,
42,
46,
47,
48,
49,
52,
53,
54,
57,
58,
59,
60
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 27 rules"
},
"ruleIDs": [
1,
2,
3,
4,
5,
6,
11,
12,
13,
14,
17,
19,
20,
23,
24,
38,
53,
54,
57,
62,
64,
103,
144,
151,
157,
159,
163
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 6 rules"
},
"ruleIDs": [
18,
27,
28,
39,
44,
75
],
"state": "on"
},
"name": "Windows Server 2003",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""