Skip to main content

Trend Micro Deep Security

This Integration is part of the Trend Micro Deep Security Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Trend Micro Deep Security This integration was integrated and tested with version 20.0 of Trend Micro Deep Security, and v1 of the API.

Changes compared to TrendMicroDsm#

Changes in commands#

  1. trendmicro-create-computer - New command.
  2. trendmicro-search-computers - New command.
  3. trendmicro-get-computer - New command.
  4. trendmicro-list-computers - New command.
  5. trendmicro-modify-computer - New command.
  6. trendmicro-delete-computer - New command.
  7. trendmicro-get-computer-setting - New command.
  8. trendmicro-modify-computer-setting - New command.
  9. trendmicro-reset-computer-setting - New command.
  10. trendmicro-list-computer-groups - New command.
  11. trendmicro-create-computer-group - New command.
  12. trendmicro-search-computer-groups - New command.
  13. trendmicro-get-computer-group - New command.
  14. trendmicro-modify-computer-group - New command.
  15. trendmicro-delete-computer-group - New command.
  16. trendmicro-search-firewall-rules - New command.
  17. trendmicro-list-firewall-rules - New command.
  18. trendmicro-create-firewall-rule - New command.
  19. trendmicro-get-firewall-rule - New command.
  20. trendmicro-modify-firewall-rule - New command.
  21. trendmicro-delete-firewall-rule - New command.
  22. trendmicro-list-firewall-rule-ids-of-computer - New command.
  23. trendmicro-add-firewall-rule-ids-to-computer - New command.
  24. trendmicro-set-firewall-rule-ids-to-computer - New command.
  25. trendmicro-get-policy - New command.
  26. trendmicro-modify-policy - New command.
  27. trendmicro-delete-policy - New command.
  28. trendmicro-get-policy-setting - New command.
  29. trendmicro-modify-policy-setting - New command.
  30. trendmicro-reset-policy-setting - New command.
  31. trendmicro-list-policies - New command.
  32. trendmicro-search-policies - New command.
  33. trendmicro-create-policy - New command.
  34. trendmicro-remove-firewall-rule-id-from-computer - New command.
  35. trendmicro-list-default-policy-settings - New command.
  36. trendmicro-get-default-policy-setting - New command.
  37. trendmicro-modify-default-policy-setting - New command.
  38. trendmicro-reset-default-policy-setting - New command.

Configure Trend Micro Deep Security in Cortex#

ParameterDescriptionRequired
Server URLServer URL for TrendMicro console. e.g: https://ip:port/True
API SecretThe API secret keyTrue
API VersionThe API version usedFalse
Trust any certificate (not secure)False
Use system proxy settingsFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

trendmicro-create-computer#


Create a new computer

Base Command#

trendmicro-create-computer

Input#

Argument NameDescriptionRequired
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
overridesShow only overrides defined for the current computer. Possible values are: true, false. Default is false.Optional
host_nameHostname of the computer.Optional
display_nameDisplay name of the computer.Optional
descriptionDescription of the computer.Optional
group_idID of the computer group to which the computer belongs.Optional
policy_idID of the policy assigned to the computer.Optional
asset_importance_idID of the asset importance assigned to the computer.Optional
relay_list_idID of the relay list that is assigned to the computer.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-create-computer host_name="example_computer"

Context Example#

{
"TrendMicro": {
"Computers": {
"ID": 217,
"agentVersion": "0.0.0.0",
"description": "",
"displayName": "",
"groupID": 0,
"hostGUID": "55793E73-1CC8-40EE-DE11-0FC0A5D7D77D",
"hostName": "example_computer",
"lastIPUsed": "",
"platform": "Unknown",
"relayListID": 0
}
}
}

Human Readable Output#

Details for the new computer example_computer#

IDHost NameGroup ID
217example_computer0

trendmicro-search-computers#


Search for specific computers by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command#

trendmicro-search-computers

Input#

Argument NameDescriptionRequired
max_itemsLimits the number of objects returned.Optional
field_nameThe field name to search for. Possible values are: hostName, displayName, description, groupID, policyID, assetImportanceID, relayListID.Required
field_typeThe type of the field. Possible values are: boolean, numeric, choice, id, string.Required
operationThe search conditional to test on the field name. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal.Required
valueThe value to compare.Required
sort_by_object_idIf true, forces the response objects to be sorted by ID, overriding the default sort order.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-search-computers field_name=groupID field_type=numeric operation=equal value=0

Context Example#

{
"TrendMicro": {
"Computers": [
{
"ID": 1,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "On"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "testq1",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28,
30
],
"state": "off"
},
"groupID": 0,
"hostGUID": "52DA6A2B-A3AD-4DA7-911C-3C8915E26BA5",
"hostName": "q1",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"policyID": 1,
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 2,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "F2E3B97E-773E-B775-167F-571C4DF1D275",
"hostName": "q2",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 3,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "950C88D8-90FD-3F4F-02E4-DF1EC0E0D801",
"hostName": "poc",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 34,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"groupID": 0,
"hostGUID": "D371794B-C7C0-A81F-8DA0-D658A26B1DD4",
"hostName": "aaaaa",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"policyID": 1,
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 166,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "6F786725-039C-CCEE-1BD2-43E63DFED122",
"hostName": "poc1",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
},
{
"ID": 216,
"activityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"agentVersion": "0.0.0.0",
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"blockUnrecognized": false,
"maintenanceModeStatus": "off",
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"computerSettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"computerStatus": {
"agentStatus": "inactive",
"agentStatusMessages": [
"Unmanaged (Unknown)"
]
},
"description": "",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"integrityMonitoring": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"lastIPUsed": "",
"logInspection": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"platform": "Unknown",
"relayListID": 0,
"webReputation": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
}
}
]
}
}

Human Readable Output#

Matched Computers#

IDHost NameDescriptionGroup ID
1q1Modified Test0
2q2Modified Test0
3pocModified Test0
34aaaaaModified Test0
166poc1Modified Test0
216example_computer0

trendmicro-get-computer#


Get information about a certain computer

Base Command#

trendmicro-get-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer to get.Required
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
overridesShow only overrides defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-get-computer computer_id=216

Context Example#

{
"TrendMicro": {
"Computers": {
"ID": 216,
"agentVersion": "0.0.0.0",
"description": "",
"displayName": "",
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"lastIPUsed": "",
"platform": "Unknown",
"relayListID": 0
}
}
}

Human Readable Output#

Details for the computer example_computer#

IDHost NameGroup ID
216example_computer0

trendmicro-list-computers#


Get information of all existing computers

Base Command#

trendmicro-list-computers

Input#

Argument NameDescriptionRequired
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
overridesShow only overrides defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-list-computers expand="firewall"

Context Example#

{
"TrendMicro": {
"Computers": [
{
"ID": 1,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "testq1",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28,
30
],
"state": "off"
},
"groupID": 0,
"hostGUID": "52DA6A2B-A3AD-4DA7-911C-3C8915E26BA5",
"hostName": "q1",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"policyID": 1,
"relayListID": 0
},
{
"ID": 2,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "F2E3B97E-773E-B775-167F-571C4DF1D275",
"hostName": "q2",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"relayListID": 0
},
{
"ID": 3,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "950C88D8-90FD-3F4F-02E4-DF1EC0E0D801",
"hostName": "poc",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"relayListID": 0
},
{
"ID": 34,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"groupID": 0,
"hostGUID": "D371794B-C7C0-A81F-8DA0-D658A26B1DD4",
"hostName": "aaaaa",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"policyID": 1,
"relayListID": 0
},
{
"ID": 166,
"agentVersion": "0.0.0.0",
"description": "Modified Test",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "6F786725-039C-CCEE-1BD2-43E63DFED122",
"hostName": "poc1",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492018767,
"platform": "Unknown",
"relayListID": 0
},
{
"ID": 216,
"agentVersion": "0.0.0.0",
"description": "",
"displayName": "",
"firewall": {
"moduleStatus": {
"agentStatus": "inactive",
"agentStatusMessage": "Not Activated"
},
"state": "off"
},
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"lastIPUsed": "",
"platform": "Unknown",
"relayListID": 0
}
]
}
}

Human Readable Output#

All computers list#

IDHost NameDescriptionGroup ID
1q1Modified Test0
2q2Modified Test0
3pocModified Test0
34aaaaaModified Test0
166poc1Modified Test0
216example_computer0

trendmicro-modify-computer#


Modify properties of a certain computer

Base Command#

trendmicro-modify-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer to modify.Required
expandDetermines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none.Optional
host_nameHostname of the computer.Optional
display_nameDisplay name of the computer.Optional
descriptionDescription of the computer.Optional
group_idID of the computer group to which the computer belongs.Optional
policy_idID of the policy assigned to the computer.Optional
asset_importance_idID of the asset importance assigned to the computer.Optional
relay_list_idID of the relay list that is assigned to the computer.Optional
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Computers.hostNamestringHostname of the computer
TrendMicro.Computers.displayNamestringDisplay name of the computer
TrendMicro.Computers.descriptionstringDescription of the computer
TrendMicro.Computers.groupIDintegerID of the computer group to which the computer belongs
TrendMicro.Computers.policyIDintegerID of the policy assigned to the computer
TrendMicro.Computers.assetImportanceIDintegerID of the asset importance assigned to the computer
TrendMicro.Computers.relayListIDintegerID of the relay list that is assigned to the computer

Command Example#

!trendmicro-modify-computer computer_id=216 description="Example computer description"

Context Example#

{
"TrendMicro": {
"Computers": {
"ID": 216,
"agentVersion": "0.0.0.0",
"description": "Example computer description",
"displayName": "",
"groupID": 0,
"hostGUID": "08397785-21E7-2029-A203-0635247ED6D8",
"hostName": "example_computer",
"lastIPUsed": "",
"lastSendPolicyRequest": 1622492628442,
"platform": "Unknown",
"relayListID": 0
}
}
}

Human Readable Output#

Details for the computer example_computer#

IDHost NameDescriptionGroup ID
216example_computerExample computer description0

trendmicro-delete-computer#


Delete a certain computer

Base Command#

trendmicro-delete-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-computer computer_id=216

Human Readable Output#

The computer was successfully deleted!

trendmicro-get-computer-setting#


Get information about a setting of a certain computer

Base Command#

trendmicro-get-computer-setting

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputersSettings.computerIdintegerThe computer id that owns the computer
TrendMicro.ComputersSettings.namestringThe name of the setting
TrendMicro.ComputersSettings.valuestringThe value of a setting

Command Example#

!trendmicro-get-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled

Context Example#

{
"TrendMicro": {
"ComputersSettings": {
"computerId": 216,
"name": "activityMonitoringSettingActivityEnabled",
"value": "Off"
}
}
}

Human Readable Output#

Settings for computer 216#

Computer IDNameValue
activityMonitoringSettingActivityEnabledOff

trendmicro-modify-computer-setting#


Modify a setting of a certain computer

Base Command#

trendmicro-modify-computer-setting

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional
valueValue of a Setting.Required

Context Output#

PathTypeDescription
TrendMicro.ComputersSettings.computerIdintegerThe ID of the computer that owns the setting
TrendMicro.ComputersSettings.namestringThe name of the setting
TrendMicro.ComputersSettings.valuestringValue of a Setting

Command Example#

!trendmicro-modify-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled value=on

Context Example#

{
"TrendMicro": {
"ComputersSettings": {
"computerId": 216,
"name": "activityMonitoringSettingActivityEnabled",
"value": "On"
}
}
}

Human Readable Output#

Settings for computer 216#

Computer IDNameValue
activityMonitoringSettingActivityEnabledOn

trendmicro-reset-computer-setting#


Reset a setting of certain computer to its default value.

Base Command#

trendmicro-reset-computer-setting

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputersSettings.computerIdintegerThe ID of the computer that owns the setting
TrendMicro.ComputersSettings.namestringThe name of the setting
TrendMicro.ComputersSettings.valuestringThe value of the setting

Command Example#

!trendmicro-reset-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled

Context Example#

{
"TrendMicro": {
"ComputersSettings": {
"computerId": 216,
"name": "activityMonitoringSettingActivityEnabled",
"value": "Off"
}
}
}

Human Readable Output#

Settings for computer 216#

Computer IDNameValue
activityMonitoringSettingActivityEnabledOff

trendmicro-list-computer-groups#


Get information about all existing computer groups

Base Command#

trendmicro-list-computer-groups

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-list-computer-groups

Context Example#

{
"TrendMicro": {
"ComputerGroups": [
{
"ID": 1,
"description": "Testing Group",
"name": "PoC Group",
"type": "folder"
},
{
"ID": 100,
"description": "Test Group",
"name": "Test",
"parentGroupID": 1,
"type": "folder"
},
{
"ID": 110,
"description": "",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
]
}
}

Human Readable Output#

Computer Groups#

IDNameDescriptionParent Group ID
1PoC GroupTesting Group
100TestTest Group1
110Example Computer Group1

trendmicro-create-computer-group#


Create a new computer group

Base Command#

trendmicro-create-computer-group

Input#

Argument NameDescriptionRequired
nameName of the computer group.Required
descriptionDescription of the computer group.Optional
parent_group_idID of the computer group's parent group.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-create-computer-group name="Example Computer Group" description="Example computer group description" parent_group_id=1

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 111,
"description": "Example computer group description",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Computer Groups#

IDNameDescriptionParent Group ID
111Example Computer GroupExample computer group description1

trendmicro-search-computer-groups#


Search for specific computer groups by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command#

trendmicro-search-computer-groups

Input#

Argument NameDescriptionRequired
max_itemsLimits the number of objects returned.Optional
field_nameThe name of the field. Possible values are: ID, type, name, description, parentGroupID.Required
field_typeThe type of the field. Possible values are: boolean, numeric, choice, id, string.Required
operationThe operation to compare with. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal.Required
valueThe value compare against the field name.Required
sort_by_object_idIf true, forces the response objects to be sorted by ID, overriding the default sort order.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-search-computer-groups field_name=ID operation=equal field_type=id value=110

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 110,
"description": "",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Matched Computer Groups#

IDNameParent Group ID
110Example Computer Group1

trendmicro-get-computer-group#


Get information of a certain computer group

Base Command#

trendmicro-get-computer-group

Input#

Argument NameDescriptionRequired
computer_group_idThe ID number of the computer group to get.Required

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-get-computer-group computer_group_id=110

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 110,
"description": "",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Computer Group 110 Details#

IDNameParent Group ID
110Example Computer Group1

trendmicro-modify-computer-group#


Modify the properties of a certain computer group

Base Command#

trendmicro-modify-computer-group

Input#

Argument NameDescriptionRequired
computer_group_idThe ID number of the computer group to modify.Required
nameName of the computer group.Optional
descriptionDescription of the computer group.Optional
parent_group_idID of the computer group's parent group.Optional

Context Output#

PathTypeDescription
TrendMicro.ComputerGroups.namestringName of the computer group
TrendMicro.ComputerGroups.descriptionstringDescription of the computer group
TrendMicro.ComputerGroups.parentGroupIDintegerID of the computer group's parent group

Command Example#

!trendmicro-modify-computer-group computer_group_id=110 description="Example computer group description"

Context Example#

{
"TrendMicro": {
"ComputerGroups": {
"ID": 110,
"description": "Example computer group description",
"name": "Example Computer Group",
"parentGroupID": 1,
"type": "folder"
}
}
}

Human Readable Output#

Computer Group#

IDNameDescriptionParent Group ID
110Example Computer GroupExample computer group description1

trendmicro-delete-computer-group#


Delete a certain computer group

Base Command#

trendmicro-delete-computer-group

Input#

Argument NameDescriptionRequired
computer_group_idThe ID number of the computer group to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-computer-group computer_group_id=110

Human Readable Output#

The computer group was successfully deleted!

trendmicro-search-firewall-rules#


Search for specific firewall rules by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command#

trendmicro-search-firewall-rules

Input#

Argument NameDescriptionRequired
max_itemsLimits the number of objects returned.Optional
field_nameThe field name to search. Possible values are: ID, name, description, action, priority, direction, frameType, frameNumber, frameNot, protocol, protocolNumber, protocolNot, sourceIPType, sourceIPValue, sourceIPMask, sourceIPRangeFrom, sourceIPRangeTo, sourceIPMultiple, sourceIPListID, sourceIPNot, sourceMACType, sourceMACValue, sourceMACMultiple, sourceMACListID, sourceMACNot, sourcePortType, sourcePortMultiple, sourcePortListID, sourcePortNot, destinationIPType, destinationIPValue, destinationIPMask, destinationIPRangeFrom, destinationIPRangeTo, destinationIPMultiple, destinationIPListID, destinationIPNot, destinationMACType, destinationMACValue, destinationMACMultiple, destinationMACListID, destinationMACNot, destinationPortType, destinationPortMultiple, destinationPortListID, destinationPortNot, anyFlags, logDisabled, includePacketData, alertEnabled, scheduleID, contextID.Required
field_typeThe field type. Possible values are: boolean, numeric, choice, id, string. Default is string.Optional
operationThe operation to test against the field. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal.Required
valueThe value to compare against the field.Required
sort_by_object_idIf true, forces the response objects to be sorted by ID, overriding the default sort order.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhther the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhther the ICMP settings are inverted or not

Command Example#

!trendmicro-search-firewall-rules field_name="action" field_type="choice" operation="equal" value="allow"

Context Example#

{
"TrendMicro": {
"FirewallRules": [
{
"ID": 20,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Agent",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 11,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Agent",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 21,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to VMware vCenter Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 12,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "VMware vCenter Server",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 22,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow Deep Security as a Service inbound communications",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPMask": "255.255.255.0",
"sourceIPNot": false,
"sourceIPType": "masked-ip",
"sourceIPValue": "1.1.1.1",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortMultiple": [
"4118"
],
"sourcePortNot": false,
"sourcePortType": "multiple"
},
{
"ID": 24,
"TCPNot": true,
"action": "allow",
"alertEnabled": false,
"anyFlags": false,
"description": "UDP stateful and TCP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited TCP/UDP replies",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any",
"tcpflags": [
"syn"
]
},
{
"ID": 25,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "ICMP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited ICMP replies",
"priority": "0",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 32,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an FTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 81,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "FTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 35,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Manager",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 82,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Manager",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 36,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an Microsoft Exchange Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 83,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Microsoft Exchange Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 37,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 85,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec IKE",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 38,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Encryption",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 39,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Authentication",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 51,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 40,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to a Domain Controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 86,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Controller (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 42,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to a Web Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 77,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Web Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 43,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 111,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access SSH",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 44,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic from the domain controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Client (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPListID": 4,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 88,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 46,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to an SMTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 103,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "SMTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 47,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 110,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IDENT",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 52,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 76,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access RDP",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 53,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 98,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "POP3 Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 54,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 105,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IMAP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 55,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 101,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Computer Associates Unicenter",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 56,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 97,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Veritas",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 70,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34915,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Discovery",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 71,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34916,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Session",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 72,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Generic Routing Encapsulation",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 75,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 76,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule1",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 77,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule2",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 133,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "None",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 166,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "UDP",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 174,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
]
}
}

Human Readable Output#

Matched Firewall Rules#

IDNameDescriptionDirectionAction
20Deep Security AgentAllow incoming traffic to Deep Security Agentincomingallow
21VMware vCenter ServerAllow incoming traffic to VMware vCenter Serverincomingallow
22Allow Deep Security as a Service inbound communicationsincomingallow
24Allow solicited TCP/UDP repliesUDP stateful and TCP stateful must be enabledincomingallow
25Allow solicited ICMP repliesICMP stateful must be enabledincomingallow
32FTP ServerAllow incoming traffic to an FTP Serverincomingallow
35Deep Security ManagerAllow incoming traffic to Deep Security Managerincomingallow
36Microsoft Exchange ServerAllow incoming traffic to an Microsoft Exchange Serverincomingallow
37IPSec IKEincomingallow
38IPSec Encryptionincomingallow
39IPSec Authenticationincomingallow
40Domain Controller (TCP)Allow incoming traffic to a Domain Controllerincomingallow
42Web ServerAllow incoming TCP traffic to a Web Serverincomingallow
43Remote Access SSHAllow remote access to machinesincomingallow
44Domain Client (TCP)Allow incoming traffic from the domain controllerincomingallow
46SMTP ServerAllow incoming TCP traffic to an SMTP Serverincomingallow
47IDENTincomingallow
52Remote Access RDPAllow remote access to machinesincomingallow
53POP3 Serverincomingallow
54IMAP Serverincomingallow
55Computer Associates Unicenterincomingallow
56Veritasincomingallow
70Allow PPPOE Discoveryincomingallow
71Allow PPPOE Sessionincomingallow
72Generic Routing Encapsulationincomingallow
75poc_ruleincomingallow
76poc_rule1incomingallow
77poc_rule2incomingallow
133Noneincomingallow
166UDPincomingallow
174Example Ruleincomingallow

trendmicro-list-firewall-rules#


List all existing firewall rules

Base Command#

trendmicro-list-firewall-rules

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhther the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhther the ICMP settings are inverted or not

Command Example#

!trendmicro-list-firewall-rules

Context Example#

{
"TrendMicro": {
"FirewallRules": [
{
"ID": 1,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 4,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 8,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - Domain Client (UDP)",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 2,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - GRE",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 3,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 5,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 77,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - HTTP(S)",
"priority": "2",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 4,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - ICMP Echo Request",
"priority": "2",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 5,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - IPSec Encryption",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 6,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 10,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - VPN Tunnel",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 7,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - Wireless Authentication",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 8,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - ARP",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 9,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 92,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - DNS",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 10,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - GRE",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 11,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - ICMP Echo Request",
"priority": "2",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 12,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - IPSec Encryption",
"priority": "2",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 13,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "",
"destinationIPListID": 7,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 10,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions - VPN Tunnel",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 14,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - ARP Outgoing",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 15,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - DHCP Client Incoming",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 78,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 16,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - DHCP Client Outgoing",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 79,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 17,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Wireless Authentication Incoming",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 18,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Wireless Authentication Outgoing",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 19,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 90,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Netbios Name Service Outgoing",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 90,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 20,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Agent",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 11,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Agent",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 21,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to VMware vCenter Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 12,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "VMware vCenter Server",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 22,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow Deep Security as a Service inbound communications",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPMask": "255.255.255.0",
"sourceIPNot": false,
"sourceIPType": "masked-ip",
"sourceIPValue": "1.1.1.1",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortMultiple": [
"4118"
],
"sourcePortNot": false,
"sourcePortType": "multiple"
},
{
"ICMPCode": 4,
"ICMPNot": false,
"ICMPType": 3,
"ID": 23,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": false,
"description": "This ICMP packet is used for MTU path negotiation",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow ICMP type 3 code 4",
"priority": "4",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 24,
"TCPNot": true,
"action": "allow",
"alertEnabled": false,
"anyFlags": false,
"description": "UDP stateful and TCP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited TCP/UDP replies",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any",
"tcpflags": [
"syn"
]
},
{
"ID": 25,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "ICMP stateful must be enabled",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Allow solicited ICMP replies",
"priority": "0",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 26,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow DHCP Offer traffic to a DHCP Client",
"destinationIPListID": 2,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 79,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "DHCP Client",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 78,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 27,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"description": "Ingress filter to deny incoming spoofed packets",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deny Internal IP Ranges",
"priority": "4",
"protocol": "any",
"protocolNot": false,
"sourceIPListID": 3,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 28,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming ARP traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "ARP",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 29,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "For hosts that rely on NetBios for name resolution",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 90,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "NetBios Name Service",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 90,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 30,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming DHCP requests to a DHCP server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 78,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "DHCP Server",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 79,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 31,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow wireless authentication traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34958,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Wireless Authentication",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 32,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an FTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 81,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "FTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 33,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to a Microsoft SQL server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 108,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Microsoft SQL Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 34,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an Oracle SQL server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 107,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Oracle SQL Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 35,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to Deep Security Manager",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 82,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Deep Security Manager",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 36,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to an Microsoft Exchange Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 83,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Microsoft Exchange Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 37,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 85,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec IKE",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 38,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Encryption",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 50,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 39,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IPSec Authentication",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 51,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 40,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to a Domain Controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 86,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Controller (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 41,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic to a Domain Controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 87,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Controller (UDP)",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 42,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to a Web Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 77,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Web Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 43,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 111,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access SSH",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 44,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic from the domain controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Client (TCP)",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPListID": 4,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 88,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 45,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming traffic from the domain controller",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Domain Client (UDP)",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPListID": 4,
"sourceIPNot": false,
"sourceIPType": "ip-list",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 89,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 46,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming TCP traffic to an SMTP Server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 103,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "SMTP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 47,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 110,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IDENT",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 48,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow incoming DNS requests to a DNS server",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 92,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "DNS Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ICMPCode": 0,
"ICMPNot": false,
"ICMPType": 8,
"ID": 49,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": false,
"description": "Allow incoming Ping requests",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "ICMP Echo Request",
"priority": "2",
"protocol": "icmp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 50,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow Network Time Protocol traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 109,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Network Time Protocol",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 51,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow file sharing traffic",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 93,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Windows File Sharing",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 52,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "Allow remote access to machines",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 76,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Access RDP",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 53,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 98,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "POP3 Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 54,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 105,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "IMAP Server",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 55,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 101,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Computer Associates Unicenter",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 56,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 97,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Veritas",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 57,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 106,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "MySQL Server",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 58,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 99,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "WINS",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 59,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 104,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "WINS Registration",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 60,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 100,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "WINS Replication",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 61,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 90,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - Netbios Name Service Incoming",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 90,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 62,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Exceptions - ARP Incoming",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 63,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"contextID": 1,
"description": "Log packets blocked due to Restricted Interface Enforcement policy",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 0,
"frameType": "any",
"includePacketData": false,
"logDisabled": false,
"name": "Restricted Interface Enforcement",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 64,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPListID": 4,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 8,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - Domain Client (TCP)",
"priority": "2",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 65,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2054,
"frameType": "arp",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - ARP",
"priority": "2",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 66,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortListID": 92,
"destinationPortNot": false,
"destinationPortType": "port-list",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - DNS",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 67,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "When remotely connected to domain only corporate traffic is allowed",
"destinationIPListID": 6,
"destinationIPNot": false,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Exceptions",
"priority": "2",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 68,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"contextID": 2,
"description": "Log packets blocked due to Remote Domain Enforcement policy",
"destinationIPListID": 7,
"destinationIPNot": true,
"destinationIPType": "ip-list",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Remote Domain Enforcement (Split Tunnel)",
"priority": "0",
"protocol": "tcp-udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 69,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "Log packets blocked due to Off Domain Enforcement policy",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 0,
"frameType": "any",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Enforcement",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 70,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34915,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Discovery",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 71,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 34916,
"frameType": "other",
"includePacketData": false,
"logDisabled": false,
"name": "Allow PPPOE Session",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 72,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Generic Routing Encapsulation",
"priority": "0",
"protocol": "other",
"protocolNot": false,
"protocolNumber": 47,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 73,
"action": "force-allow",
"alertEnabled": false,
"anyFlags": true,
"contextID": 3,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "outgoing",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Off Domain Exceptions - DHCP Client",
"priority": "2",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortListID": 79,
"sourcePortNot": false,
"sourcePortType": "port-list"
},
{
"ID": 75,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 76,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule1",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 77,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "poc_rule2",
"priority": "0",
"protocol": "tcp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "single",
"sourceIPValue": "1.2.3.4",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 133,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "None",
"priority": "0",
"protocol": "any",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 166,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "UDP",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
},
{
"ID": 174,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
]
}
}

Human Readable Output#

Firewall Rules#

IDNameDescriptionDirectionAction
1Off Domain Exceptions - Domain Client (UDP)outgoingforce-allow
2Off Domain Exceptions - GREoutgoingforce-allow
3Off Domain Exceptions - HTTP(S)outgoingforce-allow
4Off Domain Exceptions - ICMP Echo Requestoutgoingforce-allow
5Off Domain Exceptions - IPSec Encryptionoutgoingforce-allow
6Off Domain Exceptions - VPN Tunneloutgoingforce-allow
7Off Domain Exceptions - Wireless Authenticationoutgoingforce-allow
8Remote Domain Exceptions - ARPoutgoingforce-allow
9Remote Domain Exceptions - DNSoutgoingforce-allow
10Remote Domain Exceptions - GREoutgoingforce-allow
11Remote Domain Exceptions - ICMP Echo Requestoutgoingforce-allow
12Remote Domain Exceptions - IPSec Encryptionoutgoingforce-allow
13Remote Domain Exceptions - VPN Tunneloutgoingforce-allow
14Restricted Interface Exceptions - ARP Outgoingoutgoingforce-allow
15Restricted Interface Exceptions - DHCP Client Incomingincomingforce-allow
16Restricted Interface Exceptions - DHCP Client Outgoingoutgoingforce-allow
17Restricted Interface Exceptions - Wireless Authentication Incomingincomingforce-allow
18Restricted Interface Exceptions - Wireless Authentication Outgoingoutgoingforce-allow
19Restricted Interface Exceptions - Netbios Name Service Outgoingoutgoingforce-allow
20Deep Security AgentAllow incoming traffic to Deep Security Agentincomingallow
21VMware vCenter ServerAllow incoming traffic to VMware vCenter Serverincomingallow
22Allow Deep Security as a Service inbound communicationsincomingallow
23Allow ICMP type 3 code 4This ICMP packet is used for MTU path negotiationincomingforce-allow
24Allow solicited TCP/UDP repliesUDP stateful and TCP stateful must be enabledincomingallow
25Allow solicited ICMP repliesICMP stateful must be enabledincomingallow
26DHCP ClientAllow DHCP Offer traffic to a DHCP Clientincomingforce-allow
27Deny Internal IP RangesIngress filter to deny incoming spoofed packetsincomingdeny
28ARPAllow incoming ARP trafficincomingforce-allow
29NetBios Name ServiceFor hosts that rely on NetBios for name resolutionincomingforce-allow
30DHCP ServerAllow incoming DHCP requests to a DHCP serverincomingforce-allow
31Wireless AuthenticationAllow wireless authentication trafficincomingforce-allow
32FTP ServerAllow incoming traffic to an FTP Serverincomingallow
33Microsoft SQL ServerAllow incoming TCP traffic to a Microsoft SQL serverincomingforce-allow
34Oracle SQL ServerAllow incoming traffic to an Oracle SQL serverincomingforce-allow
35Deep Security ManagerAllow incoming traffic to Deep Security Managerincomingallow
36Microsoft Exchange ServerAllow incoming traffic to an Microsoft Exchange Serverincomingallow
37IPSec IKEincomingallow
38IPSec Encryptionincomingallow
39IPSec Authenticationincomingallow
40Domain Controller (TCP)Allow incoming traffic to a Domain Controllerincomingallow
41Domain Controller (UDP)Allow incoming traffic to a Domain Controllerincomingforce-allow
42Web ServerAllow incoming TCP traffic to a Web Serverincomingallow
43Remote Access SSHAllow remote access to machinesincomingallow
44Domain Client (TCP)Allow incoming traffic from the domain controllerincomingallow
45Domain Client (UDP)Allow incoming traffic from the domain controllerincomingforce-allow
46SMTP ServerAllow incoming TCP traffic to an SMTP Serverincomingallow
47IDENTincomingallow
48DNS ServerAllow incoming DNS requests to a DNS serverincomingforce-allow
49ICMP Echo RequestAllow incoming Ping requestsincomingforce-allow
50Network Time ProtocolAllow Network Time Protocol trafficincomingforce-allow
51Windows File SharingAllow file sharing trafficincomingforce-allow
52Remote Access RDPAllow remote access to machinesincomingallow
53POP3 Serverincomingallow
54IMAP Serverincomingallow
55Computer Associates Unicenterincomingallow
56Veritasincomingallow
57MySQL Serverincomingforce-allow
58WINSincomingforce-allow
59WINS Registrationincomingforce-allow
60WINS Replicationincomingforce-allow
61Restricted Interface Exceptions - Netbios Name Service Incomingincomingforce-allow
62Restricted Interface Exceptions - ARP Incomingincomingforce-allow
63Restricted Interface EnforcementLog packets blocked due to Restricted Interface Enforcement policyoutgoingdeny
64Off Domain Exceptions - Domain Client (TCP)outgoingforce-allow
65Off Domain Exceptions - ARPoutgoingforce-allow
66Off Domain Exceptions - DNSoutgoingforce-allow
67Remote Domain ExceptionsWhen remotely connected to domain only corporate traffic is allowedoutgoingforce-allow
68Remote Domain Enforcement (Split Tunnel)Log packets blocked due to Remote Domain Enforcement policyoutgoingdeny
69Off Domain EnforcementLog packets blocked due to Off Domain Enforcement policyoutgoingdeny
70Allow PPPOE Discoveryincomingallow
71Allow PPPOE Sessionincomingallow
72Generic Routing Encapsulationincomingallow
73Off Domain Exceptions - DHCP Clientoutgoingforce-allow
75poc_ruleincomingallow
76poc_rule1incomingallow
77poc_rule2incomingallow
133Noneincomingallow
166UDPincomingallow
174Example Ruleincomingallow

trendmicro-create-firewall-rule#


Create a new firewall rule

Base Command#

trendmicro-create-firewall-rule

Input#

Argument NameDescriptionRequired
nameName of the firewall rule.Required
descriptionDescription of the firewall rule.Optional
actionAction of the packet filter. Possible values are: log-only, allow, deny, force-allow, bypass.Required
priorityPriority of the packet filter. Possible values are: 0, 1, 2, 3, 4.Optional
directionPacket direction. Possible values are: incoming, outgoing.Required
frame_typeSupported frame types. Possible values are: any, ip, arp, revarp, ipv4, ipv6, other.Optional
frame_numberEthernet frame number.Optional
frame_notControls if the frame setting should be inverted.Optional
protocolProtocol. Possible values are: any, icmp, igmp, ggp, tcp, udp, pup, idp, nd, raw, tcp-udp, icmpv6, other.Optional
protocol_numberTwo-byte protocol number.Optional
protocol_notControls if the protocol setting should be inverted.Optional
source_ip_typeSource IP type. Possible values are: any, single, multiple, masked-ip, range, ip-list.Optional
source_ip_valueSource IP.Optional
source_ip_maskSource IP mask.Optional
source_ip_range_fromThe first value for a range of source IP addresses.Optional
source_ip_range_toThe last value for a range of source IP addresses.Optional
source_ip_multipleList of source IP addresses.Optional
source_ip_list_idID of source IP list.Optional
source_ip_notControls if the source IP setting should be inverted.Optional
source_mac_typeSource MAC type. Possible values are: any, single, multiple, mac-list.Optional
source_mac_valueSource MAC address.Optional
source_mac_multipleList of MAC addresses.Optional
source_mac_list_idID of MAC address list.Optional
source_mac_notControls if the source MAC setting should be inverted.Optional
source_port_typeThe type of source port. Possible values are: any, multiple, port-list.Optional
source_port_multipleList of comma-delimited source ports.Optional
source_port_list_idID of source port list.Optional
source_port_notControls if the source port setting should be inverted.Optional
destination_ip_typeDestination IP type. Possible values are: any, single, multiple, range, masked-ip, ip-list.Optional
destination_ip_valueDestination IP.Optional
destination_ip_maskDestination IP mask.Optional
destination_ip_range_fromThe first value for a range of destination IP addresses.Optional
destination_ip_range_toThe last value for a range of destination IP addresses.Optional
destination_ip_multipleList of comma-delimited destination IP addresses.Optional
destination_ip_list_idID of destination IP list.Optional
destination_ip_notControls if the destination IP setting should be inverted.Optional
destination_mac_typeDestination MAC type. Possible values are: any, single, multiple, mac-list.Optional
destination_mac_valueDestination MAC address.Optional
destination_mac_multipleList of comma-delimited MAC addresses.Optional
destination_mac_list_idID of MAC address list.Optional
destination_mac_notControls if the destination MAC setting should be inverted.Optional
destination_port_typeThe type of destination port. Possible values are: any, multiple, port-list.Optional
destination_port_multipleList of comma-delimited destination ports.Optional
destination_port_list_idID of destination port list.Optional
destination_port_notControls if the destination port setting should be inverted.Optional
any_flagsTrue if any flags are used.Optional
log_disabledControls if logging for this filter is disabled.Optional
include_packet_dataControls if this filter should capture data for every log.Optional
alert_enabledControls if this filter should be alerted on.Optional
schedule_idID of the schedule to control when this filter is "on".Optional
context_idRuleContext that is applied to this filter.Optional
tcpflagsThe TCP flags the rule should filter by. Possible values are: syn, ack, psh, urg, fin, rst.Optional
tcp_notControls if the TCP settings should be inverted.Optional
icmp_typeThe ICMP type the rule should filter by.Optional
icmp_codeThe ICMP code the rule should filter by.Optional
icmp_notControls if the ICMP settings should be inverted.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhether the TCP settings are inverted
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhether the ICMP settings are inverted

Command Example#

!trendmicro-create-firewall-rule name="Example Rule" action=allow protocol=udp direction=incoming

Context Example#

{
"TrendMicro": {
"FirewallRules": {
"ID": 175,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
}
}

Human Readable Output#

Firewall Rules#

IDNameDirectionAction
175Example Ruleincomingallow

trendmicro-get-firewall-rule#


Get information about a certain firewall rule

Base Command#

trendmicro-get-firewall-rule

Input#

Argument NameDescriptionRequired
firewall_rule_idThe ID number of the firewall rule to get.Required

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhether the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhether the ICMP settings are inverted or not

Command Example#

!trendmicro-get-firewall-rule firewall_rule_id=174

Context Example#

{
"TrendMicro": {
"FirewallRules": {
"ID": 174,
"action": "allow",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
}
}

Human Readable Output#

Details of The Firewall Rule 174#

IDNameDirectionAction
174Example Ruleincomingallow

trendmicro-modify-firewall-rule#


Modify the properties of a certain firewall rule

Base Command#

trendmicro-modify-firewall-rule

Input#

Argument NameDescriptionRequired
firewall_rule_idThe ID number of the firewall rule to modify.Required
nameName of the firewall rule.Optional
descriptionDescription of the firewall rule.Optional
actionAction of the packet filter. Possible values are: log-only, allow, deny, force-allow, bypass.Optional
priorityPriority of the packet filter. Possible values are: 0, 1, 2, 3, 4.Optional
directionPacket direction. Possible values are: incoming, outgoing.Optional
frame_typeSupported frame types. Possible values are: any, ip, arp, revarp, ipv4, ipv6, other.Optional
frame_numberEthernet frame number.Optional
frame_notControls if the frame setting should be inverted.Optional
protocolProtocol. Possible values are: any, icmp, igmp, ggp, tcp, pup, udp, idp, nd, raw, tcp-udp, icmpv6, other.Optional
protocol_numberTwo-byte protocol number.Optional
protocol_notControls if the protocol setting should be inverted.Optional
source_ip_typeSource IP type. Possible values are: any, masked-ip, range, ip-list, single, multiple.Optional
source_ip_valueSource IP.Optional
source_ip_maskSource IP mask.Optional
source_ip_range_fromThe first value for a range of source IP addresses.Optional
source_ip_range_toThe last value for a range of source IP addresses.Optional
source_ip_multipleList of source IP addresses.Optional
source_ip_list_idID of source IP list.Optional
source_ip_notControls if the source IP setting should be inverted.Optional
source_mac_typeSource MAC type. Possible values are: any, single, mac-list, multiple.Optional
source_mac_valueSource MAC address.Optional
source_mac_multipleList of MAC addresses.Optional
source_mac_list_idID of MAC address list.Optional
source_mac_notControls if the source MAC setting should be inverted.Optional
source_port_typeThe type of source port. Possible values are: any, multiple, port-list.Optional
source_port_multipleList of comma-delimited source ports.Optional
source_port_list_idID of source port list.Optional
source_port_notControls if the source port setting should be inverted.Optional
destination_ip_typeDestination IP type. Possible values are: any, single, multiple, range, masked-ip, ip-list.Optional
destination_ip_valueDestination IP.Optional
destination_ip_maskDestination IP mask.Optional
destination_ip_range_fromThe first value for a range of destination IP addresses.Optional
destination_ip_range_toThe last value for a range of destination IP addresses.Optional
destination_ip_multipleList of comma-delimited destination IP addresses.Optional
destination_ip_list_idID of destination IP list.Optional
destination_ip_notControls if the destination IP setting should be inverted.Optional
destination_mac_typeDestination MAC type. Possible values are: any, single, multiple, mac-list.Optional
destination_mac_valueDestination MAC address.Optional
destination_mac_multipleList of comma-delimited MAC addresses.Optional
destination_mac_list_idID of MAC address list.Optional
destination_mac_notControls if the destination MAC setting should be inverted.Optional
destination_port_typeThe type of destination port. Possible values are: any, port-list, multiple.Optional
destination_port_multipleList of comma-delimited destination ports.Optional
destination_port_list_idID of destination port list.Optional
destination_port_notControls if the destination port setting should be inverted.Optional
any_flagsTrue if any flags are used.Optional
log_disabledControls if logging for this filter is disabled.Optional
include_packet_dataControls if this filter should capture data for every log.Optional
alert_enabledControls if this filter should be alerted on.Optional
schedule_idID of the schedule to control when this filter is "on".Optional
context_idRuleContext that is applied to this filter.Optional
tcpflagsThe TCP flags the rule should filter by. Possible values are: syn, ack, psh, urg, fin, rst.Optional
tcp_notControls if the TCP settings should be inverted.Optional
icmp_typeThe ICMP type the rule should filter by.Optional
icmp_codeThe ICMP code the rule should filter by.Optional
icmp_notControls if the ICMP settings should be inverted.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallRules.namestringName of the firewall rule
TrendMicro.FirewallRules.descriptionstringDescription of the firewall rule
TrendMicro.FirewallRules.actionstringAction of the packet filter
TrendMicro.FirewallRules.prioritystringPriority of the packet filter
TrendMicro.FirewallRules.directionstringPacket direction
TrendMicro.FirewallRules.frameTypestringSupported frame types
TrendMicro.FirewallRules.frameNumberintegerEthernet frame number
TrendMicro.FirewallRules.frameNotbooleanControls if the frame setting should be inverted
TrendMicro.FirewallRules.protocolstringProtocol
TrendMicro.FirewallRules.protocolNumberintegerTwo-byte protocol number
TrendMicro.FirewallRules.protocolNotbooleanControls if the protocol setting should be inverted
TrendMicro.FirewallRules.sourceIPTypestringSource IP type
TrendMicro.FirewallRules.sourceIPValuestringSource IP
TrendMicro.FirewallRules.sourceIPMaskstringSource IP mask
TrendMicro.FirewallRules.sourceIPRangeFromstringThe first value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPRangeTostringThe last value for a range of source IP addresses
TrendMicro.FirewallRules.sourceIPMultiplearrayList of source IP addresses
TrendMicro.FirewallRules.sourceIPListIDintegerID of source IP list
TrendMicro.FirewallRules.sourceIPNotbooleanControls if the source IP setting should be inverted
TrendMicro.FirewallRules.sourceMACTypestringSource MAC type
TrendMicro.FirewallRules.sourceMACValuestringSource MAC address
TrendMicro.FirewallRules.sourceMACMultiplearrayList of MAC addresses
TrendMicro.FirewallRules.sourceMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.sourceMACNotbooleanControls if the source MAC setting should be inverted
TrendMicro.FirewallRules.sourcePortTypestringThe type of source port
TrendMicro.FirewallRules.sourcePortMultiplearrayList of comma-delimited source ports
TrendMicro.FirewallRules.sourcePortListIDintegerID of source port list
TrendMicro.FirewallRules.sourcePortNotbooleanControls if the source port setting should be inverted
TrendMicro.FirewallRules.destinationIPTypestringDestination IP type
TrendMicro.FirewallRules.destinationIPValuestringDestination IP
TrendMicro.FirewallRules.destinationIPMaskstringDestination IP mask
TrendMicro.FirewallRules.destinationIPRangeFromstringThe first value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPRangeTostringThe last value for a range of destination IP addresses
TrendMicro.FirewallRules.destinationIPMultiplearrayList of comma-delimited destination IP addresses
TrendMicro.FirewallRules.destinationIPListIDintegerID of destination IP list
TrendMicro.FirewallRules.destinationIPNotbooleanControls if the destination IP setting should be inverted
TrendMicro.FirewallRules.destinationMACTypestringDestination MAC type
TrendMicro.FirewallRules.destinationMACValuestringDestination MAC address
TrendMicro.FirewallRules.destinationMACMultiplearrayList of comma-delimited MAC addresses
TrendMicro.FirewallRules.destinationMACListIDintegerID of MAC address list
TrendMicro.FirewallRules.destinationMACNotbooleanControls if the destination MAC setting should be inverted
TrendMicro.FirewallRules.destinationPortTypestringThe type of destination port
TrendMicro.FirewallRules.destinationPortMultiplearrayList of comma-delimited destination ports
TrendMicro.FirewallRules.destinationPortListIDintegerID of destination port list
TrendMicro.FirewallRules.destinationPortNotbooleanControls if the destination port setting should be inverted
TrendMicro.FirewallRules.anyFlagsbooleanTrue if any flags are used
TrendMicro.FirewallRules.logDisabledbooleanControls if logging for this filter is disabled
TrendMicro.FirewallRules.includePacketDatabooleanControls if this filter should capture data for every log
TrendMicro.FirewallRules.alertEnabledbooleanControls if this filter should be alerted on
TrendMicro.FirewallRules.scheduleIDintegerID of the schedule to control when this filter is "on"
TrendMicro.FirewallRules.contextIDintegerRuleContext that is applied to this filter
TrendMicro.FirewallRules.tcpflagsarrayTCP flags
TrendMicro.FirewallRules.TCPNotbooleanWhether the TCP settings are inverted or not
TrendMicro.FirewallRules.ICMPTypeintegerICMP type
TrendMicro.FirewallRules.ICMPCodeintegerICMP code
TrendMicro.FirewallRules.ICMPNotbooleanWhether the ICMP settings are inverted or not

Command Example#

!trendmicro-modify-firewall-rule firewall_rule_id=174 action=deny

Context Example#

{
"TrendMicro": {
"FirewallRules": {
"ID": 174,
"action": "deny",
"alertEnabled": false,
"anyFlags": true,
"description": "",
"destinationIPNot": false,
"destinationIPType": "any",
"destinationMACNot": false,
"destinationMACType": "any",
"destinationPortNot": false,
"destinationPortType": "any",
"direction": "incoming",
"frameNot": false,
"frameNumber": 2048,
"frameType": "ip",
"includePacketData": false,
"logDisabled": false,
"name": "Example Rule",
"priority": "0",
"protocol": "udp",
"protocolNot": false,
"sourceIPNot": false,
"sourceIPType": "any",
"sourceMACNot": false,
"sourceMACType": "any",
"sourcePortNot": false,
"sourcePortType": "any"
}
}
}

Human Readable Output#

Details About The Modified Firewall Rule 174#

IDNameDirectionAction
174Example Ruleincomingdeny

trendmicro-delete-firewall-rule#


Delete a certain firewall rule

Base Command#

trendmicro-delete-firewall-rule

Input#

Argument NameDescriptionRequired
firewall_rule_idThe ID number of the firewall rule to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-firewall-rule firewall_rule_id=174

Human Readable Output#

The firewall rule was successfully deleted!

trendmicro-list-firewall-rule-ids-of-computer#


List all IDs of the firewall rules that are assigned to a certain computer

Base Command#

trendmicro-list-firewall-rule-ids-of-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
overridesReturn only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.FirewallAssignments.assignedRuleIDsarrayList of assigned firewall rule IDs

Command Example#

!trendmicro-list-firewall-rule-ids-of-computer computer_id=216

Context Example#

{
"TrendMicro": {
"FirewallAssignments": {
"assignedRuleIDs": []
}
}
}

Human Readable Output#

The firewall rules IDs that are assigned to 216:

trendmicro-add-firewall-rule-ids-to-computer#


Add firewall rule IDs to a certain computer

Base Command#

trendmicro-add-firewall-rule-ids-to-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
overridesReturn only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false.Optional
rule_idsThe rule IDs to add to the computer.Required

Context Output#

PathTypeDescription
TrendMicro.FirewallAssignments.assignedRuleIDsarrayList of assigned firewall rule IDs

Command Example#

!trendmicro-add-firewall-rule-ids-to-computer computer_id=216 rule_ids=31

Context Example#

{
"TrendMicro": {
"FirewallAssignments": {
"assignedRuleIDs": [
21,
22,
31
]
}
}
}

Human Readable Output#

The firewall rules IDs that are assigned to computer 216: 21, 22, 31

trendmicro-set-firewall-rule-ids-to-computer#


Assign firewall rule IDs to a certain computer

Base Command#

trendmicro-set-firewall-rule-ids-to-computer

Input#

Argument NameDescriptionRequired
computer_idThe ID number of the computer.Required
overridesReturn only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false.Optional
rule_idsThe rule IDs to assign to the computer.Required

Context Output#

PathTypeDescription
TrendMicro.FirewallAssignments.assignedRuleIDsarrayList of assigned firewall rule IDs

Command Example#

!trendmicro-set-firewall-rule-ids-to-computer computer_id=216 rule_ids=21,22

Context Example#

{
"TrendMicro": {
"FirewallAssignments": {
"assignedRuleIDs": [
21,
22
]
}
}
}

Human Readable Output#

The firewall rules IDs that are assigned to computer 216: 21, 22

trendmicro-get-policy#


Get information about a certain policy

Base Command#

trendmicro-get-policy

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy to get.Required
overridesShow only overrides defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-get-policy policy_id=105

Context Example#

{
"TrendMicro": {
"Policies": {
"ID": 105,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Example policy description",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Example Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
}
}
}

Human Readable Output#

Details About The Policy 105#

IDNameDescription
105Example PolicyExample policy description

trendmicro-modify-policy#


Modify a certain policy

Base Command#

trendmicro-modify-policy

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy to modify.Required
overridesShow only overrides defined for the current policy. Possible values are: true, false. Default is false.Optional
parent_idID of the parent policy.Optional
nameName of the policy.Optional
descriptionDescription of the policy.Optional
recommendation_scan_modeEnable or disable ongoing recommendation scans for computers assigned this policy.Optional
auto_requires_updateAutomatically update computers assigned this policy when the configuration changes.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-modify-policy policy_id=105 description="Example policy description"

Context Example#

{
"TrendMicro": {
"Policies": {
"ID": 105,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Example policy description",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Example Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
}
}
}

Human Readable Output#

Details About The Policy 105#

IDNameDescription
105Example PolicyExample policy description

trendmicro-delete-policy#


Delete a certain policy

Base Command#

trendmicro-delete-policy

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy to delete.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-delete-policy policy_id=105

Human Readable Output#

The policy was successfully deleted!

trendmicro-get-policy-setting#


Get information about a setting of a certain policy

Base Command#

trendmicro-get-policy-setting

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy.Required
nameThe name of the policy setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.PolicySettings.policyIdintegerPolicy ID of a Setting
TrendMicro.PolicySettings.namestringName of a Setting
TrendMicro.PolicySettings.valuestringValue of a Setting

Command Example#

!trendmicro-get-policy-setting policy_id=105 name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled

Context Example#

{
"TrendMicro": {
"PolicySettings": {
"name": "firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled",
"policyId": 105,
"value": "false"
}
}
}

Human Readable Output#

The Policy Setting#

Policy IdNameValue
105firewallSettingEngineOptionGenerateConnectionEventsUdpEnabledfalse

trendmicro-modify-policy-setting#


Modify the value of a setting of a certain policy

Base Command#

trendmicro-modify-policy-setting

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy.Required
nameThe name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current computer. Possible values are: true, false. Default is false.Optional
valueValue of a Setting.Optional

Context Output#

PathTypeDescription
TrendMicro.PolicySettings.policyIdintegerPolicy Id of a Setting
TrendMicro.PolicySettings.namestringName of a Setting
TrendMicro.PolicySettings.valuestringValue of a Setting

Command Example#

!trendmicro-modify-policy-setting name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled policy_id=105 value=true

Context Example#

{
"TrendMicro": {
"PolicySettings": {
"name": "firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled",
"policyId": 105,
"value": "true"
}
}
}

Human Readable Output#

The Policy Setting:#

Policy IdNameValue
105firewallSettingEngineOptionGenerateConnectionEventsUdpEnabledtrue

trendmicro-reset-policy-setting#


Reset the value of a setting of a certain policy

Base Command#

trendmicro-reset-policy-setting

Input#

Argument NameDescriptionRequired
policy_idThe ID number of the policy.Required
nameThe name of the policy setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required
overridesShow the value only if defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.PolicySettings.policyIdintegerPolicy Id of a Setting
TrendMicro.PolicySettings.namestringName of a Setting
TrendMicro.PolicySettings.valuestringValue of a Setting

Command Example#

!trendmicro-reset-policy-setting name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled policy_id=105

Context Example#

{
"TrendMicro": {
"PolicySettings": {
"name": "firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled",
"policyId": 105,
"value": "false"
}
}
}

Human Readable Output#

The Policy Setting#

Policy IdNameValue
105firewallSettingEngineOptionGenerateConnectionEventsUdpEnabledfalse

trendmicro-list-policies#


List all existing policies

Base Command#

trendmicro-list-policies

Input#

Argument NameDescriptionRequired
overridesShow only overrides defined for the current policy. Possible values are: true, false. Default is false.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-list-policies

Context Example#

{
"TrendMicro": {
"Policies": [
{
"ID": 1,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "A policy from which all other policies can inherit. Only the most general settings should be applied to this policy as they will apply to all policies that inherit from it, unless overridden. More specific settings and rules should be added to sub-policies that are assigned to computers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Base Policy",
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 2,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy from which all the example Windows policies inherit. Any settings that are common to all Windows policies can be set here.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Windows",
"parentID": 1,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 3,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy for Windows Server 2012 servers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 22 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
33,
34,
36,
42,
46,
47,
48,
49,
52,
53,
54,
57,
58,
59,
60
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 27 rules"
},
"ruleIDs": [
1,
2,
3,
4,
5,
6,
11,
12,
13,
14,
17,
19,
20,
23,
24,
38,
53,
54,
57,
62,
64,
103,
144,
151,
157,
159,
163
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 5 rules"
},
"ruleIDs": [
18,
27,
28,
44,
75
],
"state": "on"
},
"name": "Windows Server 2012",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 4,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy for Windows Server 2008 servers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 22 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
33,
34,
36,
42,
46,
47,
48,
49,
52,
53,
54,
57,
58,
59,
60
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 27 rules"
},
"ruleIDs": [
1,
2,
3,
4,
5,
6,
11,
12,
13,
14,
17,
19,
20,
23,
24,
38,
53,
54,
57,
62,
64,
103,
144,
151,
157,
159,
163
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 5 rules"
},
"ruleIDs": [
18,
27,
28,
44,
75
],
"state": "on"
},
"name": "Windows Server 2008",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 5,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy for Windows Server 2003 servers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 22 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
33,
34,
36,
42,
46,
47,
48,
49,
52,
53,
54,
57,
58,
59,
60
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 27 rules"
},
"ruleIDs": [
1,
2,
3,
4,
5,
6,
11,
12,
13,
14,
17,
19,
20,
23,
24,
38,
53,
54,
57,
62,
64,
103,
144,
151,
157,
159,
163
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 6 rules"
},
"ruleIDs": [
18,
27,
28,
39,
44,
75
],
"state": "on"
},
"name": "Windows Server 2003",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 6,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "An example policy for Linux servers.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 17 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
34,
42,
43,
46,
47,
48,
49,
53,
54,
57
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 23 rules"
},
"ruleIDs": [
7,
8,
9,
10,
15,
16,
20,
25,
26,
33,
34,
35,
40,
41,
48,
51,
55,
60,
72,
75,
86,
148,
159
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 7 rules"
},
"ruleIDs": [
18,
24,
43,
57,
60,
61,
78
],
"state": "on"
},
"name": "Linux Server",
"parentID": 1,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 7,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Demo policy for the demo computer added to all accounts. This policy has all security modules enabled.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 6 rules"
},
"ruleIDs": [
23,
24,
25,
28,
42,
49
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time, 1 rule"
},
"ruleIDs": [
9
],
"state": "real-time"
},
"intrusionPrevention": {
"applicationTypeIDs": [
387,
400
],
"moduleStatus": {
"status": "active",
"statusMessage": "Prevent, 2 rules"
},
"ruleIDs": [
7080,
7526
],
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 2 rules"
},
"ruleIDs": [
18,
57
],
"state": "on"
},
"name": "Demo",
"parentID": 1,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "off",
"webReputation": {
"moduleStatus": {
"status": "active",
"statusMessage": "On"
},
"state": "on"
}
},
{
"ID": 8,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Sample policy for a server running a Linux/Apache/MySQL/PHP stack. Firewall rules allow SSH access but do not allow remote access to MySQL.",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 11 rules"
},
"ruleIDs": [
20,
23,
24,
25,
28,
29,
30,
42,
43,
47,
49
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 23 rules"
},
"ruleIDs": [
7,
8,
9,
10,
15,
16,
20,
25,
26,
33,
34,
35,
40,
41,
48,
56,
60,
72,
75,
86,
96,
148,
159
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "LAMP Server",
"parentID": 1,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 37,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "active",
"statusMessage": "Real Time"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "on"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "active",
"statusMessage": "On, 22 rules"
},
"ruleIDs": [
23,
24,
25,
28,
29,
30,
32,
33,
34,
36,
42,
46,
47,
48,
49,
52,
53,
54,
57,
58,
59,
60
],
"state": "on"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 27 rules"
},
"ruleIDs": [
1,
2,
3,
4,
5,
6,
11,
12,
13,
14,
17,
19,
20,
23,
24,
38,
53,
54,
57,
62,
64,
103,
144,
151,
157,
159,
163
],
"state": "on"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Prevent, no rules"
},
"state": "prevent"
},
"logInspection": {
"moduleStatus": {
"status": "active",
"statusMessage": "On, 5 rules"
},
"ruleIDs": [
18,
27,
28,
44,
75
],
"state": "on"
},
"name": "test3",
"parentID": 3,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 68,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "PoC Policy",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "PoC1",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 101,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "PoC Policy",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "PoC Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 102,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 0,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no configuration"
},
"realTimeScanConfigurationID": 0,
"realTimeScanScheduleID": 0,
"scheduledScanConfigurationID": 0,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "",
"firewall": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "test policy",
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": ""
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": ""
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "30 Seconds"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "false"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": ""
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "2"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "off",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
},
{
"ID": 105,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Example policy description",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Example Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
}
]
}
}

Human Readable Output#

Policies list#

IDNameDescription
1Base PolicyA policy from which all other policies can inherit. Only the most general settings should be applied to this policy as they will apply to all policies that inherit from it, unless overridden. More specific settings and rules should be added to sub-policies that are assigned to computers.
2WindowsAn example policy from which all the example Windows policies inherit. Any settings that are common to all Windows policies can be set here.
3Windows Server 2012An example policy for Windows Server 2012 servers.
4Windows Server 2008An example policy for Windows Server 2008 servers.
5Windows Server 2003An example policy for Windows Server 2003 servers.
6Linux ServerAn example policy for Linux servers.
7DemoDemo policy for the demo computer added to all accounts. This policy has all security modules enabled.
8LAMP ServerSample policy for a server running a Linux/Apache/MySQL/PHP stack. Firewall rules allow SSH access but do not allow remote access to MySQL.
37test3
68PoC1PoC Policy
101PoC PolicyPoC Policy
102test policy
105Example PolicyExample policy description

trendmicro-search-policies#


Search for specific policies by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command#

trendmicro-search-policies

Input#

Argument NameDescriptionRequired
overridesShow only overrides defined for the current computer. Possible values are: true, false. Default is false.Optional
max_itemsLimits the number of objects returned.Optional
field_nameThe field name to search for. Possible values are: ID, parentID, name, description, recommendationScanMode, autoRequiresUpdate.Required
field_typeThe type of the field. Possible values are: boolean, numeric, choice, id, string.Required
operationThe search conditional to test on the field name. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal.Required
valueThe value to compare.Required
sort_by_object_idIf true, forces the response objects to be sorted by ID, overriding the default sort order.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-search-policies field_name=name operation=equal field_type=string value="Example Policy"

Context Example#

{
"TrendMicro": {
"Policies": {
"ID": 105,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Example policy description",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Example Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
}
}
}

Human Readable Output#

Matched Policies#

IDNameDescription
105Example PolicyExample policy description

trendmicro-create-policy#


Create a new policy

Base Command#

trendmicro-create-policy

Input#

Argument NameDescriptionRequired
overridesShow only overrides defined for the current policy. Possible values are: true, false. Default is false.Optional
parent_idID of the parent policy.Optional
nameName of the policy.Required
descriptionDescription of the policy.Optional
recommendation_scan_modeEnable or disable ongoing recommendation scans for computers assigned this policy. Possible values are: off, ongoing.Optional
auto_requires_updateAutomatically update computers assigned this policy when the configuration changes. Possible values are: off, on.Optional

Context Output#

PathTypeDescription
TrendMicro.Policies.parentIDintegerID of the parent policy
TrendMicro.Policies.namestringName of the policy
TrendMicro.Policies.descriptionstringDescription of the policy
TrendMicro.Policies.recommendationScanModestringEnable or disable ongoing recommendation scans for computers assigned this policy
TrendMicro.Policies.autoRequiresUpdatestringAutomatically update computers assigned this policy when the configuration changes

Command Example#

!trendmicro-create-policy name="Example Policy" parent_id=2 description="Example policy description"

Context Example#

{
"TrendMicro": {
"Policies": {
"ID": 106,
"activityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"antiMalware": {
"manualScanConfigurationID": 2,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"realTimeScanConfigurationID": 1,
"realTimeScanScheduleID": 4,
"scheduledScanConfigurationID": 3,
"state": "off"
},
"applicationControl": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
},
"autoRequiresUpdate": "on",
"description": "Example policy description",
"firewall": {
"globalStatefulConfigurationID": 1,
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, 2 rules"
},
"ruleIDs": [
23,
28
],
"state": "off"
},
"integrityMonitoring": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"intrusionPrevention": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"logInspection": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off, no rules"
},
"state": "off"
},
"name": "Example Policy",
"parentID": 2,
"policySettings": {
"activityMonitoringSettingActivityEnabled": {
"value": "Off"
},
"activityMonitoringSettingIndicatorEnabled": {
"value": "Off"
},
"activityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingBehaviorMonitoringScanExclusionList": {
"value": ""
},
"antiMalwareSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled": {
"value": "true"
},
"antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled": {
"value": "true"
},
"antiMalwareSettingDocumentExploitProtectionRuleExceptions": {
"value": ""
},
"antiMalwareSettingFileHashEnabled": {
"value": "false"
},
"antiMalwareSettingFileHashMd5Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSha256Enabled": {
"value": "false"
},
"antiMalwareSettingFileHashSizeMaxMbytes": {
"value": "128"
},
"antiMalwareSettingIdentifiedFilesSpaceMaxMbytes": {
"value": "1024"
},
"antiMalwareSettingMalwareScanMultithreadedProcessingEnabled": {
"value": "false"
},
"antiMalwareSettingNsxSecurityTaggingEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled": {
"value": "true"
},
"antiMalwareSettingNsxSecurityTaggingValue": {
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
"antiMalwareSettingPredictiveMachineLearningExceptions": {
"value": ""
},
"antiMalwareSettingScanCacheOnDemandConfigId": {
"value": "1"
},
"antiMalwareSettingScanCacheRealTimeConfigId": {
"value": "2"
},
"antiMalwareSettingScanFileSizeMaxMbytes": {
"value": "0"
},
"antiMalwareSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"antiMalwareSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"antiMalwareSettingSmartScanState": {
"value": "Automatic"
},
"antiMalwareSettingSpywareApprovedList": {
"value": ""
},
"antiMalwareSettingSyslogConfigId": {
"value": "0"
},
"antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax": {
"value": "500000"
},
"antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax": {
"value": "500000"
},
"applicationControlSettingExecutionEnforcementLevel": {
"value": "Allow unrecognized software until it is explicitly blocked"
},
"applicationControlSettingRulesetMode": {
"value": "Use local ruleset"
},
"applicationControlSettingSharedRulesetId": {
"value": "0"
},
"applicationControlSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingAntiEvasionCheckEvasiveRetransmit": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFinNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckFragmentedPackets": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckOutNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckPaws": {
"value": "Ignore"
},
"firewallSettingAntiEvasionCheckRstNoConnection": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpChecksum": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpCongestionFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpPawsZero": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpRstFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSplitHandshake": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynFinFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynRstFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpSynWithData": {
"value": "Deny"
},
"firewallSettingAntiEvasionCheckTcpUrgentFlags": {
"value": "Allow"
},
"firewallSettingAntiEvasionCheckTcpZeroFlags": {
"value": "Deny"
},
"firewallSettingAntiEvasionSecurityPosture": {
"value": "Normal"
},
"firewallSettingAntiEvasionTcpPawsWindowPolicy": {
"value": "0"
},
"firewallSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"firewallSettingConfigPackageExceedsAlertMaxEnabled": {
"value": "true"
},
"firewallSettingEngineOptionAckTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionAllowNullIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled": {
"value": "false"
},
"firewallSettingEngineOptionBlockSameSrcDstIpEnabled": {
"value": "true"
},
"firewallSettingEngineOptionBootStartTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled": {
"value": "false"
},
"firewallSettingEngineOptionCloseTimeout": {
"value": "0 Seconds"
},
"firewallSettingEngineOptionCloseWaitTimeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionClosingTimeout": {
"value": "1 Second"
},
"firewallSettingEngineOptionColdStartTimeout": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionConnectionCleanupTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionConnectionsCleanupMax": {
"value": "1000"
},
"firewallSettingEngineOptionConnectionsNumIcmpMax": {
"value": "10000"
},
"firewallSettingEngineOptionConnectionsNumTcpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionConnectionsNumUdpMax": {
"value": "1000000"
},
"firewallSettingEngineOptionDebugModeEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDebugPacketNumMax": {
"value": "8"
},
"firewallSettingEngineOptionDisconnectTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropEvasiveRetransmitEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropIpZeroPayloadEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ExtType0Enabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled": {
"value": "false"
},
"firewallSettingEngineOptionDropTeredoAnomaliesEnabled": {
"value": "true"
},
"firewallSettingEngineOptionDropUnknownSslProtocolEnabled": {
"value": "true"
},
"firewallSettingEngineOptionErrorTimeout": {
"value": "10 Seconds"
},
"firewallSettingEngineOptionEstablishedTimeout": {
"value": "3 Hours"
},
"firewallSettingEngineOptionEventNodesMax": {
"value": "20000"
},
"firewallSettingEngineOptionFilterIpv4Tunnels": {
"value": "Disable Detection of IPv4 Tunnels"
},
"firewallSettingEngineOptionFilterIpv6Tunnels": {
"value": "Disable Detection of IPv6 Tunnels"
},
"firewallSettingEngineOptionFinWait1Timeout": {
"value": "2 Minutes"
},
"firewallSettingEngineOptionForceAllowDhcpDns": {
"value": "Allow DNS Query and DHCP Client"
},
"firewallSettingEngineOptionForceAllowIcmpType3Code4": {
"value": "Add Force Allow rule for ICMP type3 code4"
},
"firewallSettingEngineOptionFragmentOffsetMin": {
"value": "60"
},
"firewallSettingEngineOptionFragmentSizeMin": {
"value": "120"
},
"firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled": {
"value": "false"
},
"firewallSettingEngineOptionIcmpTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionIgnoreStatusCode0": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode1": {
"value": "None"
},
"firewallSettingEngineOptionIgnoreStatusCode2": {
"value": "None"
},
"firewallSettingEngineOptionLastAckTimeout": {
"value": "3 Minutes"
},
"firewallSettingEngineOptionLogAllPacketDataEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogEventsPerSecondMax": {
"value": "100"
},
"firewallSettingEngineOptionLogOnePacketPeriod": {
"value": "5 Minutes"
},
"firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled": {
"value": "false"
},
"firewallSettingEngineOptionLogPacketLengthMax": {
"value": "1500 Bytes"
},
"firewallSettingEngineOptionLoggingPolicy": {
"value": "Default"
},
"firewallSettingEngineOptionSilentTcpConnectionDropEnabled": {
"value": "false"
},
"firewallSettingEngineOptionSslSessionSize": {
"value": "Low - 2500"
},
"firewallSettingEngineOptionSslSessionTime": {
"value": "24 Hours"
},
"firewallSettingEngineOptionStrictTerodoPortCheckEnabled": {
"value": "true"
},
"firewallSettingEngineOptionSynRcvdTimeout": {
"value": "60 Seconds"
},
"firewallSettingEngineOptionSynSentTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionTcpMssLimit": {
"value": "128 Bytes"
},
"firewallSettingEngineOptionTunnelDepthMax": {
"value": "1"
},
"firewallSettingEngineOptionTunnelDepthMaxExceededAction": {
"value": "Drop"
},
"firewallSettingEngineOptionUdpTimeout": {
"value": "20 Seconds"
},
"firewallSettingEngineOptionVerifyTcpChecksumEnabled": {
"value": "false"
},
"firewallSettingEngineOptionsEnabled": {
"value": "true"
},
"firewallSettingEventLogFileCachedEntriesLifeTime": {
"value": "30 Minutes"
},
"firewallSettingEventLogFileCachedEntriesNum": {
"value": "128"
},
"firewallSettingEventLogFileCachedEntriesStaleTime": {
"value": "15 Minutes"
},
"firewallSettingEventLogFileIgnoreSourceIpListId": {
"value": ""
},
"firewallSettingEventLogFileRetainNum": {
"value": "3"
},
"firewallSettingEventLogFileSizeMax": {
"value": "4 MB"
},
"firewallSettingEventsOutOfAllowedPolicyEnabled": {
"value": "true"
},
"firewallSettingFailureResponseEngineSystem": {
"value": "Fail closed"
},
"firewallSettingFailureResponsePacketSanityCheck": {
"value": "Fail closed"
},
"firewallSettingInterfaceIsolationEnabled": {
"value": "false"
},
"firewallSettingInterfaceLimitOneActiveEnabled": {
"value": "false"
},
"firewallSettingInterfacePatterns": {
"value": ""
},
"firewallSettingNetworkEngineMode": {
"value": "Inline"
},
"firewallSettingReconnaissanceBlockFingerprintProbeDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockNetworkOrPortScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpNullScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpSynFinScanDuration": {
"value": "No"
},
"firewallSettingReconnaissanceBlockTcpXmasAttackDuration": {
"value": "No"
},
"firewallSettingReconnaissanceDetectFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceDetectTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceExcludeIpListId": {
"value": "1"
},
"firewallSettingReconnaissanceIncludeIpListId": {
"value": ""
},
"firewallSettingReconnaissanceNotifyFingerprintProbeEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpNullScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled": {
"value": "true"
},
"firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled": {
"value": "true"
},
"firewallSettingSyslogConfigId": {
"value": "0"
},
"firewallSettingVirtualAndContainerNetworkScanEnabled": {
"value": "false"
},
"integrityMonitoringSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"integrityMonitoringSettingCombinedModeProtectionSource": {
"value": "Appliance preferred"
},
"integrityMonitoringSettingContentHashAlgorithm": {
"value": "sha1"
},
"integrityMonitoringSettingCpuUsageLevel": {
"value": "High"
},
"integrityMonitoringSettingRealtimeEnabled": {
"value": "false"
},
"integrityMonitoringSettingScanCacheConfigId": {
"value": "3"
},
"integrityMonitoringSettingSyslogConfigId": {
"value": "0"
},
"integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax": {
"value": "500000"
},
"intrusionPreventionSettingAutoApplyRecommendationsEnabled": {
"value": "Yes"
},
"intrusionPreventionSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"intrusionPreventionSettingEngineOptionFragmentedIpKeepMax": {
"value": "1000"
},
"intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled": {
"value": "true"
},
"intrusionPreventionSettingEngineOptionFragmentedIpTimeout": {
"value": "60 Seconds"
},
"intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled": {
"value": "false"
},
"intrusionPreventionSettingEngineOptionsEnabled": {
"value": "false"
},
"intrusionPreventionSettingLogDataRuleFirstMatchEnabled": {
"value": "true"
},
"intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel": {
"value": "No Tagging"
},
"intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled": {
"value": "true"
},
"logInspectionSettingAutoApplyRecommendationsEnabled": {
"value": "No"
},
"logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSeverityClippingAgentEventStoreLevelMin": {
"value": "Medium (6)"
},
"logInspectionSettingSyslogConfigId": {
"value": "0"
},
"platformSettingAgentCommunicationsDirection": {
"value": "Agent/Appliance Initiated"
},
"platformSettingAgentEventsSendInterval": {
"value": "60 Seconds"
},
"platformSettingAgentSelfProtectionEnabled": {
"value": "false"
},
"platformSettingAgentSelfProtectionPassword": {
"value": ""
},
"platformSettingAgentSelfProtectionPasswordEnabled": {
"value": "false"
},
"platformSettingAutoAssignNewIntrusionPreventionRulesEnabled": {
"value": "true"
},
"platformSettingAutoUpdateAntiMalwareEngineEnabled": {
"value": "false"
},
"platformSettingCombinedModeNetworkGroupProtectionSource": {
"value": "Agent preferred"
},
"platformSettingEnvironmentVariableOverrides": {
"value": ""
},
"platformSettingHeartbeatInactiveVmOfflineAlertEnabled": {
"value": "false"
},
"platformSettingHeartbeatInterval": {
"value": "10 Minutes"
},
"platformSettingHeartbeatLocalTimeShiftAlertThreshold": {
"value": "Unlimited"
},
"platformSettingHeartbeatMissedAlertThreshold": {
"value": "5"
},
"platformSettingInactiveAgentCleanupOverrideEnabled": {
"value": "false"
},
"platformSettingNotificationsSuppressPopupsEnabled": {
"value": "false"
},
"platformSettingRecommendationOngoingScansInterval": {
"value": "7 Days"
},
"platformSettingRelayState": {
"value": "false"
},
"platformSettingScanCacheConcurrencyMax": {
"value": "1"
},
"platformSettingScanOpenPortListId": {
"value": "1-1024"
},
"platformSettingSmartProtectionAntiMalwareGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerEnabled": {
"value": "true"
},
"platformSettingSmartProtectionGlobalServerProxyId": {
"value": ""
},
"platformSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"platformSettingTroubleshootingLoggingLevel": {
"value": "Do Not Override"
},
"webReputationSettingAlertingEnabled": {
"value": "false"
},
"webReputationSettingAllowedUrlDomains": {
"value": ""
},
"webReputationSettingAllowedUrls": {
"value": ""
},
"webReputationSettingBlockedUrlDomains": {
"value": ""
},
"webReputationSettingBlockedUrlKeywords": {
"value": ""
},
"webReputationSettingBlockedUrls": {
"value": ""
},
"webReputationSettingBlockingPageLink": {
"value": "http://sitesafety.trendmicro.com/"
},
"webReputationSettingCombinedModeProtectionSource": {
"value": "Agent preferred"
},
"webReputationSettingMonitorPortListId": {
"value": "80,8080"
},
"webReputationSettingSecurityBlockUntestedPagesEnabled": {
"value": "false"
},
"webReputationSettingSecurityLevel": {
"value": "Medium"
},
"webReputationSettingSmartProtectionGlobalServerUseProxyEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerEnabled": {
"value": "false"
},
"webReputationSettingSmartProtectionLocalServerUrls": {
"value": ""
},
"webReputationSettingSmartProtectionServerConnectionLostWarningEnabled": {
"value": "true"
},
"webReputationSettingSmartProtectionWebReputationGlobalServerProxyId": {
"value": ""
},
"webReputationSettingSyslogConfigId": {
"value": "0"
}
},
"recommendationScanMode": "ongoing",
"webReputation": {
"moduleStatus": {
"status": "inactive",
"statusMessage": "Off"
},
"state": "off"
}
}
}
}

Human Readable Output#

The New Policy#

IDNameDescription
106Example PolicyExample policy description

trendmicro-remove-firewall-rule-id-from-computer#


Remove a firewall rule ID from a certain computer

Base Command#

trendmicro-remove-firewall-rule-id-from-computer

Input#

Argument NameDescriptionRequired
computer_idThe computer ID.Required
firewall_rule_idThe firewall rule ID to remove.Required

Context Output#

There is no context output for this command.

Command Example#

!trendmicro-remove-firewall-rule-id-from-computer computer_id=216 firewall_rule_id=31

Human Readable Output#

The firewall rule 31 was successfully deleted from computer 216!

trendmicro-list-default-policy-settings#


List default policy settings

Base Command#

trendmicro-list-default-policy-settings

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
TrendMicro.DefaultPolicySettings.namestringThe name of the default policy setting
TrendMicro.DefaultPolicySettings.valuestringThe value of the default policy setting

Command Example#

!trendmicro-list-default-policy-settings

Context Example#

{
"TrendMicro": {
"DefaultPolicySettings": [
{
"name": "logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin",
"value": "Medium (6)"
},
{
"name": "firewallSettingEngineOptionConnectionsCleanupMax",
"value": "1000"
},
{
"name": "firewallSettingEngineOptionVerifyTcpChecksumEnabled",
"value": "false"
},
{
"name": "antiMalwareSettingScanCacheOnDemandConfigId",
"value": ""
},
{
"name": "applicationControlSettingSharedRulesetId",
"value": "0"
},
{
"name": "applicationControlSettingState",
"value": "Off"
},
{
"name": "webReputationSettingSmartProtectionServerConnectionLostWarningEnabled",
"value": "true"
},
{
"name": "applicationControlSettingExecutionEnforcementLevel",
"value": "Allow unrecognized software until it is explicitly blocked"
},
{
"name": "webReputationSettingBlockedUrlDomains",
"value": ""
},
{
"name": "firewallSettingEngineOptionSynSentTimeout",
"value": "20 Seconds"
},
{
"name": "platformSettingAgentSelfProtectionPassword",
"value": ""
},
{
"name": "firewallSettingReconnaissanceBlockTcpXmasAttackDuration",
"value": "No"
},
{
"name": "intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled",
"value": "true"
},
{
"name": "logInspectionSettingSyslogConfigId",
"value": "0"
},
{
"name": "firewallSettingEngineOptionDebugModeEnabled",
"value": "false"
},
{
"name": "firewallSettingVirtualAndContainerNetworkScanEnabled",
"value": "false"
},
{
"name": "antiMalwareSettingFileHashSha256Enabled",
"value": "false"
},
{
"name": "firewallSettingReconnaissanceNotifyFingerprintProbeEnabled",
"value": "true"
},
{
"name": "firewallSettingEventLogFileRetainNum",
"value": "3"
},
{
"name": "firewallSettingAntiEvasionCheckTcpPawsZero",
"value": "Allow"
},
{
"name": "antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled",
"value": "true"
},
{
"name": "intrusionPreventionSettingEngineOptionFragmentedIpKeepMax",
"value": "1000"
},
{
"name": "firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled",
"value": "true"
},
{
"name": "logInspectionSettingSeverityClippingAgentEventStoreLevelMin",
"value": "Medium (6)"
},
{
"name": "platformSettingScanCacheConcurrencyMax",
"value": "1"
},
{
"name": "antiMalwareSettingSyslogConfigId",
"value": "0"
},
{
"name": "firewallSettingAntiEvasionTcpPawsWindowPolicy",
"value": "0"
},
{
"name": "firewallSettingReconnaissanceDetectTcpXmasAttackEnabled",
"value": "true"
},
{
"name": "applicationControlSettingRulesetMode",
"value": "Use local ruleset"
},
{
"name": "antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled",
"value": "false"
},
{
"name": "webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal",
"value": "false"
},
{
"name": "integrityMonitoringSettingCombinedModeProtectionSource",
"value": "Appliance preferred"
},
{
"name": "firewallSettingEngineOptionCloseWaitTimeout",
"value": "2 Minutes"
},
{
"name": "platformSettingScanOpenPortListId",
"value": "1-1024"
},
{
"name": "platformSettingAgentSelfProtectionPasswordEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionAckTimeout",
"value": "1 Second"
},
{
"name": "firewallSettingEventLogFileCachedEntriesStaleTime",
"value": "15 Minutes"
},
{
"name": "firewallSettingCombinedModeProtectionSource",
"value": "Agent preferred"
},
{
"name": "platformSettingAgentEventsSendInterval",
"value": "60 Seconds"
},
{
"name": "platformSettingInactiveAgentCleanupOverrideEnabled",
"value": "false"
},
{
"name": "firewallSettingFailureResponseEngineSystem",
"value": "Fail closed"
},
{
"name": "platformSettingRelayState",
"value": "false"
},
{
"name": "firewallSettingEngineOptionDropEvasiveRetransmitEnabled",
"value": "false"
},
{
"name": "firewallSettingState",
"value": "Off"
},
{
"name": "activityMonitoringSettingIndicatorEnabled",
"value": "Off"
},
{
"name": "intrusionPreventionSettingEngineOptionFragmentedIpTimeout",
"value": "60 Seconds"
},
{
"name": "firewallSettingAntiEvasionCheckTcpZeroFlags",
"value": "Deny"
},
{
"name": "webReputationSettingSmartProtectionGlobalServerUseProxyEnabled",
"value": "false"
},
{
"name": "intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel",
"value": "No Tagging"
},
{
"name": "firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionUdpTimeout",
"value": "20 Seconds"
},
{
"name": "webReputationSettingSmartProtectionLocalServerEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionTcpMssLimit",
"value": "128 Bytes"
},
{
"name": "firewallSettingEngineOptionColdStartTimeout",
"value": "5 Minutes"
},
{
"name": "firewallSettingEngineOptionEstablishedTimeout",
"value": "3 Hours"
},
{
"name": "antiMalwareSettingIdentifiedFilesSpaceMaxMbytes",
"value": "1024"
},
{
"name": "webReputationSettingState",
"value": "Off"
},
{
"name": "firewallSettingEngineOptionAllowNullIpEnabled",
"value": "true"
},
{
"name": "platformSettingNotificationsSuppressPopupsEnabled",
"value": "false"
},
{
"name": "firewallSettingAntiEvasionCheckTcpRstFinFlags",
"value": "Deny"
},
{
"name": "firewallSettingEngineOptionDisconnectTimeout",
"value": "60 Seconds"
},
{
"name": "firewallSettingEngineOptionCloseTimeout",
"value": "0 Seconds"
},
{
"name": "firewallSettingEngineOptionTunnelDepthMaxExceededAction",
"value": "Drop"
},
{
"name": "firewallSettingReconnaissanceDetectTcpNullScanEnabled",
"value": "true"
},
{
"name": "platformSettingSmartProtectionAntiMalwareGlobalServerProxyId",
"value": ""
},
{
"name": "firewallSettingEngineOptionFilterIpv4Tunnels",
"value": "Disable Detection of IPv4 Tunnels"
},
{
"name": "webReputationSettingSmartProtectionLocalServerUrls",
"value": ""
},
{
"name": "firewallSettingEngineOptionLogOnePacketPeriod",
"value": "5 Minutes"
},
{
"name": "firewallSettingEngineOptionFilterIpv6Tunnels",
"value": "Disable Detection of IPv6 Tunnels"
},
{
"name": "firewallSettingAntiEvasionCheckTcpCongestionFlags",
"value": "Allow"
},
{
"name": "platformSettingHeartbeatMissedAlertThreshold",
"value": "2"
},
{
"name": "intrusionPreventionSettingEngineOptionsEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionConnectionsNumUdpMax",
"value": "1000000"
},
{
"name": "integrityMonitoringSettingAutoApplyRecommendationsEnabled",
"value": "No"
},
{
"name": "firewallSettingEngineOptionTunnelDepthMax",
"value": "1"
},
{
"name": "firewallSettingEngineOptionDropUnknownSslProtocolEnabled",
"value": "true"
},
{
"name": "antiMalwareSettingNsxSecurityTaggingValue",
"value": "ANTI_VIRUS.VirusFound.threat=medium"
},
{
"name": "intrusionPreventionSettingLogDataRuleFirstMatchEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionLoggingPolicy",
"value": "Default"
},
{
"name": "platformSettingTroubleshootingLoggingLevel",
"value": "Do Not Override"
},
{
"name": "antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax",
"value": "500000"
},
{
"name": "webReputationSettingCombinedModeProtectionSource",
"value": "Agent preferred"
},
{
"name": "firewallSettingEngineOptionClosingTimeout",
"value": "1 Second"
},
{
"name": "antiMalwareSettingState",
"value": "Off"
},
{
"name": "firewallSettingAntiEvasionCheckPaws",
"value": "Ignore"
},
{
"name": "intrusionPreventionSettingAutoApplyRecommendationsEnabled",
"value": "No"
},
{
"name": "firewallSettingReconnaissanceDetectFingerprintProbeEnabled",
"value": "true"
},
{
"name": "antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionLogPacketLengthMax",
"value": "1500 Bytes"
},
{
"name": "firewallSettingEngineOptionDropTeredoAnomaliesEnabled",
"value": "true"
},
{
"name": "webReputationSettingSecurityLevel",
"value": "Medium"
},
{
"name": "firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled",
"value": "false"
},
{
"name": "logInspectionSettingState",
"value": "Off"
},
{
"name": "activityMonitoringSettingActivityEnabled",
"value": "Off"
},
{
"name": "firewallSettingEngineOptionStrictTerodoPortCheckEnabled",
"value": "true"
},
{
"name": "webReputationSettingBlockedUrlKeywords",
"value": ""
},
{
"name": "webReputationSettingSyslogConfigId",
"value": "0"
},
{
"name": "firewallSettingFailureResponsePacketSanityCheck",
"value": "Fail closed"
},
{
"name": "firewallSettingNetworkEngineMode",
"value": "Inline"
},
{
"name": "firewallSettingEventLogFileSizeMax",
"value": "4 MB"
},
{
"name": "antiMalwareSettingMalwareScanMultithreadedProcessingEnabled",
"value": "false"
},
{
"name": "firewallSettingReconnaissanceDetectTcpSynFinScanEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionDropIpZeroPayloadEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled",
"value": "true"
},
{
"name": "intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled",
"value": "true"
},
{
"name": "antiMalwareSettingPredictiveMachineLearningExceptions",
"value": ""
},
{
"name": "firewallSettingEngineOptionLogEventsPerSecondMax",
"value": "100"
},
{
"name": "firewallSettingEngineOptionSslSessionTime",
"value": "24 Hours"
},
{
"name": "antiMalwareSettingBehaviorMonitoringScanExclusionList",
"value": ""
},
{
"name": "antiMalwareSettingSmartProtectionGlobalServerEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled",
"value": "false"
},
{
"name": "platformSettingHeartbeatInactiveVmOfflineAlertEnabled",
"value": "false"
},
{
"name": "webReputationSettingSmartProtectionWebReputationGlobalServerProxyId",
"value": ""
},
{
"name": "antiMalwareSettingNsxSecurityTaggingEnabled",
"value": "true"
},
{
"name": "firewallSettingAntiEvasionCheckFragmentedPackets",
"value": "Allow"
},
{
"name": "firewallSettingEngineOptionConnectionsNumIcmpMax",
"value": "10000"
},
{
"name": "firewallSettingAntiEvasionCheckTcpSplitHandshake",
"value": "Deny"
},
{
"name": "antiMalwareSettingCombinedModeProtectionSource",
"value": "Appliance preferred"
},
{
"name": "firewallSettingEngineOptionEventNodesMax",
"value": "20000"
},
{
"name": "webReputationSettingMonitorPortListId",
"value": "80,8080"
},
{
"name": "applicationControlSettingSyslogConfigId",
"value": "0"
},
{
"name": "firewallSettingAntiEvasionCheckOutNoConnection",
"value": "Allow"
},
{
"name": "firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled",
"value": "false"
},
{
"name": "integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax",
"value": "500000"
},
{
"name": "firewallSettingReconnaissanceNotifyTcpNullScanEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionIgnoreStatusCode1",
"value": "None"
},
{
"name": "firewallSettingEngineOptionIgnoreStatusCode0",
"value": "None"
},
{
"name": "firewallSettingEngineOptionIgnoreStatusCode2",
"value": "None"
},
{
"name": "firewallSettingEngineOptionSslSessionSize",
"value": "Low - 2500"
},
{
"name": "antiMalwareSettingScanCacheRealTimeConfigId",
"value": ""
},
{
"name": "platformSettingRecommendationOngoingScansInterval",
"value": "7 Days"
},
{
"name": "platformSettingSmartProtectionGlobalServerUseProxyEnabled",
"value": "false"
},
{
"name": "firewallSettingInterfaceLimitOneActiveEnabled",
"value": "false"
},
{
"name": "firewallSettingAntiEvasionCheckTcpChecksum",
"value": "Allow"
},
{
"name": "firewallSettingEngineOptionDropIpv6ExtType0Enabled",
"value": "true"
},
{
"name": "antiMalwareSettingScanFileSizeMaxMbytes",
"value": "0"
},
{
"name": "firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled",
"value": "false"
},
{
"name": "antiMalwareSettingFileHashSizeMaxMbytes",
"value": "128"
},
{
"name": "firewallSettingEventLogFileCachedEntriesLifeTime",
"value": "30 Minutes"
},
{
"name": "platformSettingSmartProtectionGlobalServerProxyId",
"value": ""
},
{
"name": "logInspectionSettingAutoApplyRecommendationsEnabled",
"value": "No"
},
{
"name": "antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled",
"value": "true"
},
{
"name": "webReputationSettingBlockingPageLink",
"value": "http://sitesafety.trendmicro.com/"
},
{
"name": "firewallSettingSyslogConfigId",
"value": "0"
},
{
"name": "platformSettingAgentCommunicationsDirection",
"value": "Agent/Appliance Initiated"
},
{
"name": "integrityMonitoringSettingScanCacheConfigId",
"value": ""
},
{
"name": "antiMalwareSettingDocumentExploitProtectionRuleExceptions",
"value": ""
},
{
"name": "firewallSettingAntiEvasionCheckTcpSynWithData",
"value": "Deny"
},
{
"name": "antiMalwareSettingFileHashEnabled",
"value": "false"
},
{
"name": "firewallSettingReconnaissanceBlockFingerprintProbeDuration",
"value": "No"
},
{
"name": "firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionBootStartTimeout",
"value": "20 Seconds"
},
{
"name": "firewallSettingEngineOptionConnectionsNumTcpMax",
"value": "1000000"
},
{
"name": "firewallSettingAntiEvasionSecurityPosture",
"value": "Normal"
},
{
"name": "firewallSettingInterfacePatterns",
"value": ""
},
{
"name": "firewallSettingInterfaceIsolationEnabled",
"value": "false"
},
{
"name": "antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax",
"value": "500000"
},
{
"name": "firewallSettingEventsOutOfAllowedPolicyEnabled",
"value": "true"
},
{
"name": "firewallSettingAntiEvasionCheckEvasiveRetransmit",
"value": "Allow"
},
{
"name": "firewallSettingEngineOptionIcmpTimeout",
"value": "60 Seconds"
},
{
"name": "integrityMonitoringSettingSyslogConfigId",
"value": "0"
},
{
"name": "firewallSettingEngineOptionConnectionCleanupTimeout",
"value": "10 Seconds"
},
{
"name": "antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal",
"value": "false"
},
{
"name": "firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionErrorTimeout",
"value": "10 Seconds"
},
{
"name": "integrityMonitoringSettingState",
"value": "Off"
},
{
"name": "webReputationSettingAllowedUrls",
"value": ""
},
{
"name": "firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionFinWait1Timeout",
"value": "2 Minutes"
},
{
"name": "firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled",
"value": "false"
},
{
"name": "activityMonitoringSettingSyslogConfigId",
"value": "0"
},
{
"name": "firewallSettingAntiEvasionCheckTcpSynRstFlags",
"value": "Deny"
},
{
"name": "antiMalwareSettingSpywareApprovedList",
"value": ""
},
{
"name": "activityMonitoringSettingState",
"value": "Off"
},
{
"name": "firewallSettingAntiEvasionCheckTcpUrgentFlags",
"value": "Allow"
},
{
"name": "intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel",
"value": "No Tagging"
},
{
"name": "intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionLogAllPacketDataEnabled",
"value": "false"
},
{
"name": "firewallSettingAntiEvasionCheckTcpSynFinFlags",
"value": "Deny"
},
{
"name": "platformSettingHeartbeatInterval",
"value": "10 Minutes"
},
{
"name": "firewallSettingEngineOptionFragmentSizeMin",
"value": "120"
},
{
"name": "antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled",
"value": "true"
},
{
"name": "firewallSettingReconnaissanceBlockNetworkOrPortScanDuration",
"value": "No"
},
{
"name": "integrityMonitoringSettingContentHashAlgorithm",
"value": "sha1"
},
{
"name": "antiMalwareSettingSmartScanState",
"value": "Automatic"
},
{
"name": "firewallSettingConfigPackageExceedsAlertMaxEnabled",
"value": "true"
},
{
"name": "platformSettingEnvironmentVariableOverrides",
"value": ""
},
{
"name": "firewallSettingEngineOptionFragmentOffsetMin",
"value": "60"
},
{
"name": "antiMalwareSettingSmartProtectionLocalServerUrls",
"value": ""
},
{
"name": "firewallSettingEngineOptionSynRcvdTimeout",
"value": "60 Seconds"
},
{
"name": "firewallSettingEventLogFileCachedEntriesNum",
"value": "128"
},
{
"name": "firewallSettingEngineOptionForceAllowIcmpType3Code4",
"value": "Add Force Allow rule for ICMP type3 code4"
},
{
"name": "firewallSettingReconnaissanceBlockTcpNullScanDuration",
"value": "No"
},
{
"name": "platformSettingSmartProtectionGlobalServerEnabled",
"value": "true"
},
{
"name": "integrityMonitoringSettingRealtimeEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionLastAckTimeout",
"value": "30 Seconds"
},
{
"name": "firewallSettingReconnaissanceExcludeIpListId",
"value": ""
},
{
"name": "platformSettingAgentSelfProtectionEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled",
"value": "true"
},
{
"name": "firewallSettingAntiEvasionCheckFinNoConnection",
"value": "Allow"
},
{
"name": "firewallSettingEngineOptionDebugPacketNumMax",
"value": "8"
},
{
"name": "intrusionPreventionSettingState",
"value": "Off"
},
{
"name": "firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled",
"value": "false"
},
{
"name": "firewallSettingReconnaissanceEnabled",
"value": "true"
},
{
"name": "platformSettingHeartbeatLocalTimeShiftAlertThreshold",
"value": "Unlimited"
},
{
"name": "antiMalwareSettingFileHashMd5Enabled",
"value": "false"
},
{
"name": "firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionSilentTcpConnectionDropEnabled",
"value": "false"
},
{
"name": "firewallSettingEngineOptionBlockSameSrcDstIpEnabled",
"value": "true"
},
{
"name": "firewallSettingEngineOptionForceAllowDhcpDns",
"value": "Allow DNS Query and DHCP Client"
},
{
"name": "firewallSettingReconnaissanceIncludeIpListId",
"value": ""
},
{
"name": "firewallSettingEngineOptionsEnabled",
"value": "false"
},
{
"name": "firewallSettingReconnaissanceBlockTcpSynFinScanDuration",
"value": "No"
},
{
"name": "webReputationSettingSecurityBlockUntestedPagesEnabled",
"value": "false"
},
{
"name": "webReputationSettingAllowedUrlDomains",
"value": ""
},
{
"name": "firewallSettingEventLogFileIgnoreSourceIpListId",
"value": ""
},
{
"name": "firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled",
"value": "true"
},
{
"name": "platformSettingAutoAssignNewIntrusionPreventionRulesEnabled",
"value": "true"
},
{
"name": "firewallSettingAntiEvasionCheckRstNoConnection",
"value": "Allow"
},
{
"name": "webReputationSettingBlockedUrls",
"value": ""
},
{
"name": "platformSettingCombinedModeNetworkGroupProtectionSource",
"value": "Agent preferred"
},
{
"name": "webReputationSettingAlertingEnabled",
"value": "false"
},
{
"name": "antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled",
"value": "true"
},
{
"name": "integrityMonitoringSettingCpuUsageLevel",
"value": "High"
},
{
"name": "platformSettingAutoUpdateAntiMalwareEngineEnabled",
"value": "false"
},
{
"name": "intrusionPreventionSettingCombinedModeProtectionSource",
"value": "Agent preferred"
}
]
}
}

Human Readable Output#

The Default Policy Settings#

Activity Monitoring Setting Activity EnabledActivity Monitoring Setting Indicator EnabledActivity Monitoring Setting StateActivity Monitoring Setting Syslog Config IdAnti Malware Setting Combined Mode Protection SourceAnti Malware Setting Connected Threat Defense Suspicious File Ddan Submission EnabledAnti Malware Setting Connected Threat Defense Use Control Manager Suspicious Object List EnabledAnti Malware Setting File Hash EnabledAnti Malware Setting File Hash Md 5 EnabledAnti Malware Setting File Hash Sha 256 EnabledAnti Malware Setting File Hash Size Max MbytesAnti Malware Setting Identified Files Space Max MbytesAnti Malware Setting Malware Scan Multithreaded Processing EnabledAnti Malware Setting Nsx Security Tagging EnabledAnti Malware Setting Nsx Security Tagging On Remediation Failure EnabledAnti Malware Setting Nsx Security Tagging Remove On Clean Scan EnabledAnti Malware Setting Nsx Security Tagging ValueAnti Malware Setting Scan File Size Max MbytesAnti Malware Setting Smart Protection Global Server EnabledAnti Malware Setting Smart Protection Global Server Use Proxy EnabledAnti Malware Setting Smart Protection Local Server Allow Off Domain GlobalAnti Malware Setting Smart Protection Server Connection Lost Warning EnabledAnti Malware Setting Smart Scan StateAnti Malware Setting StateAnti Malware Setting Syslog Config IdAnti Malware Setting Virtual Appliance On Demand Scan Cache Entries MaxAnti Malware Setting Virtual Appliance Real Time Scan Cache Entries MaxApplication Control Setting Execution Enforcement LevelApplication Control Setting Ruleset ModeApplication Control Setting Shared Ruleset IdApplication Control Setting StateApplication Control Setting Syslog Config IdFirewall Setting Anti Evasion Check Evasive RetransmitFirewall Setting Anti Evasion Check Fin No ConnectionFirewall Setting Anti Evasion Check Fragmented PacketsFirewall Setting Anti Evasion Check Out No ConnectionFirewall Setting Anti Evasion Check PawsFirewall Setting Anti Evasion Check Rst No ConnectionFirewall Setting Anti Evasion Check Tcp Check sumFirewall Setting Anti Evasion Check Tcp Congestion FlagsFirewall Setting Anti Evasion Check Tcp Paws ZeroFirewall Setting Anti Evasion Check Tcp Rst Fin FlagsFirewall Setting Anti Evasion Check Tcp Split HandshakeFirewall Setting Anti Evasion Check Tcp Syn Fin FlagsFirewall Setting Anti Evasion Check Tcp Syn Rst FlagsFirewall Setting Anti Evasion Check Tcp Syn With DataFirewall Setting Anti Evasion Check Tcp Urgent FlagsFirewall Setting Anti Evasion Check Tcp Zero FlagsFirewall Setting Anti Evasion Security PostureFirewall Setting Anti Evasion Tcp Paws Window PolicyFirewall Setting Combined Mode Protection SourceFirewall Setting Config Package Exceeds Alert Max EnabledFirewall Setting Engine Option Ack TimeoutFirewall Setting Engine Option Allow Null Ip EnabledFirewall Setting Engine Option Block Ipv 6 Agent 8 And Earlier EnabledFirewall Setting Engine Option Block Ipv 6 Agent 9 And Later EnabledFirewall Setting Engine Option Block Same Src Dst Ip EnabledFirewall Setting Engine Option Boot Start TimeoutFirewall Setting Engine Option Bypass Cisco Waas Connections EnabledFirewall Setting Engine Option Close TimeoutFirewall Setting Engine Option Close Wait TimeoutFirewall Setting Engine Option Closing TimeoutFirewall Setting Engine Option Cold Start TimeoutFirewall Setting Engine Option Connection Cleanup TimeoutFirewall Setting Engine Option Connections Cleanup MaxFirewall Setting Engine Option Connections Num Icmp MaxFirewall Setting Engine Option Connections Num Tcp MaxFirewall Setting Engine Option Connections Num Udp MaxFirewall Setting Engine Option Debug Mode EnabledFirewall Setting Engine Option Debug Packet Num MaxFirewall Setting Engine Option Disconnect TimeoutFirewall Setting Engine Option Drop 6 To 4 Bogons Addresses EnabledFirewall Setting Engine Option Drop Evasive Retransmit EnabledFirewall Setting Engine Option Drop Ip Zero Payload EnabledFirewall Setting Engine Option Drop Ipv 6 Bogons Addresses EnabledFirewall Setting Engine Option Drop Ipv 6 Ext Type 0 EnabledFirewall Setting Engine Option Drop Ipv 6 Fragments Lower Than Min Mtu EnabledFirewall Setting Engine Option Drop Ipv 6 Reserved Addresses EnabledFirewall Setting Engine Option Drop Ipv 6 Site Local Addresses EnabledFirewall Setting Engine Option Drop Teredo Anomalies EnabledFirewall Setting Engine Option Drop Unknown Ssl Protocol EnabledFirewall Setting Engine Option Error TimeoutFirewall Setting Engine Option Established TimeoutFirewall Setting Engine Option Event Nodes MaxFirewall Setting Engine Option Filter Ipv 4 TunnelsFirewall Setting Engine Option Filter Ipv 6 TunnelsFirewall Setting Engine Option Fin Wait 1 TimeoutFirewall Setting Engine Option Force Allow Dhcp DnsFirewall Setting Engine Option Force Allow Icmp Type 3 Code 4Firewall Setting Engine Option Fragment Offset MinFirewall Setting Engine Option Fragment Size MinFirewall Setting Engine Option Generate Connection Events Icmp EnabledFirewall Setting Engine Option Generate Connection Events Tcp EnabledFirewall Setting Engine Option Generate Connection Events Udp EnabledFirewall Setting Engine Option Icmp TimeoutFirewall Setting Engine Option Ignore Status Code 0Firewall Setting Engine Option Ignore Status Code 1Firewall Setting Engine Option Ignore Status Code 2Firewall Setting Engine Option Last Ack TimeoutFirewall Setting Engine Option Log All Packet Data EnabledFirewall Setting Engine Option Log Events Per Second MaxFirewall Setting Engine Option Log One Packet PeriodFirewall Setting Engine Option Log One Packet Within Period EnabledFirewall Setting Engine Option Log Packet Length MaxFirewall Setting Engine Option Logging PolicyFirewall Setting Engine Option Silent Tcp Connection Drop EnabledFirewall Setting Engine Option Ssl Session SizeFirewall Setting Engine Option Ssl Session TimeFirewall Setting Engine Option Strict Terodo Port Check EnabledFirewall Setting Engine Option Syn Rcvd TimeoutFirewall Setting Engine Option Syn Sent TimeoutFirewall Setting Engine Option Tcp Mss LimitFirewall Setting Engine Option Tunnel Depth MaxFirewall Setting Engine Option Tunnel Depth Max Exceeded ActionFirewall Setting Engine Option Udp TimeoutFirewall Setting Engine Option Verify Tcp Checksum EnabledFirewall Setting Engine Options EnabledFirewall Setting Event Log File Cached Entries Life TimeFirewall Setting Event Log File Cached Entries NumFirewall Setting Event Log File Cached Entries Stale TimeFirewall Setting Event Log File Retain NumFirewall Setting Event Log File Size MaxFirewall Setting Events Out Of Allowed Policy EnabledFirewall Setting Failure Response Engine SystemFirewall Setting Failure Response Packet Sanity CheckFirewall Setting Interface Isolation EnabledFirewall Setting Interface Limit One Active EnabledFirewall Setting Network Engine ModeFirewall Setting Reconnaissance Block Fingerprint Probe DurationFirewall Setting Reconnaissance Block Network Or Port Scan DurationFirewall Setting Reconnaissance Block Tcp Null Scan DurationFirewall Setting Reconnaissance Block Tcp Syn Fin Scan DurationFirewall Setting Reconnaissance Block Tcp Xmas Attack DurationFirewall Setting Reconnaissance Detect Fingerprint Probe EnabledFirewall Setting Reconnaissance Detect Network Or Port Scan EnabledFirewall Setting Reconnaissance Detect Tcp Null Scan EnabledFirewall Setting Reconnaissance Detect Tcp Syn Fin Scan EnabledFirewall Setting Reconnaissance Detect Tcp Xmas Attack EnabledFirewall Setting Reconnaissance EnabledFirewall Setting Reconnaissance Notify Fingerprint Probe EnabledFirewall Setting Reconnaissance Notify Network Or Port Scan EnabledFirewall Setting Reconnaissance Notify Tcp Null Scan EnabledFirewall Setting Reconnaissance Notify Tcp Syn Fin Scan EnabledFirewall Setting Reconnaissance Notify Tcp Xmas Attack EnabledFirewall Setting StateFirewall Setting Syslog Config IdFirewall Setting Virtual And Container Network Scan EnabledIntegrity Monitoring Setting Auto Apply Recommendations EnabledIntegrity Monitoring Setting Combined Mode Protection SourceIntegrity Monitoring Setting Content Hash AlgorithmIntegrity Monitoring Setting Cpu Usage LevelIntegrity Monitoring Setting Realtime EnabledIntegrity Monitoring Setting StateIntegrity Monitoring Setting Syslog Config IdIntegrity Monitoring Setting Virtual Appliance Optimization Scan Cache Entries MaxIntrusion Prevention Setting Auto Apply Recommendations EnabledIntrusion Prevention Setting Combined Mode Protection SourceIntrusion Prevention Setting Engine Option Fragmented Ip Keep MaxIntrusion Prevention Setting Engine Option Fragmented Ip Packet Send Icmp EnabledIntrusion Prevention Setting Engine Option Fragmented Ip TimeoutIntrusion Prevention Setting Engine Option Fragmented Ip Unconcerned Mac Address Bypass EnabledIntrusion Prevention Setting Engine Options EnabledIntrusion Prevention Setting Log Data Rule First Match EnabledIntrusion Prevention Setting Nsx Security Tagging Detect Mode LevelIntrusion Prevent ion Setting Nsx Security Tagging Prevent Mode LevelIntrusion Prevention Setting StateIntrusion Prevention Setting Virtual And Container Network Scan EnabledLog Inspection Setting Auto Apply Recommendations EnabledLog Inspection Setting Severity Clipping Agent Event Send Sys Log Level MinLog Inspection Setting Severity Clipping Agent Event Store Level MinLog Inspection Setting StateLog Inspection Setting Sys Log Config IdPlatform Setting Agent Communications DirectionPlatform Setting Agent Events Send IntervalPlatform Setting Agent Self Protection EnabledPlatform Setting Agent Self Protection Password EnabledPlatform Setting Auto Assign New Intrusion Prevention Rules EnabledPlatform Setting Auto Update Anti Malware Engine EnabledPlatform Setting Combined Mode Network Group Protection SourcePlatform Setting Heartbeat Inactive Vm Offline Alert EnabledPlatform Setting Heartbeat IntervalPlatform Setting Heartbeat Local Time Shift Alert ThresholdPlatform Setting Heartbeat Missed Alert ThresholdPlatform Setting Inactive Agent Cleanup Override EnabledPlatform Setting Notifications Suppress Popups EnabledPlatform Setting Recommendation Ongoing Scans IntervalPlatform Setting Relay StatePlatform Setting Scan Cache Concurrency MaxPlatform Setting Scan Open Port List IdPlatform Setting Smart Protection Global Server EnabledPlatform Setting Smart Protection Global Server Use Proxy EnabledPlatform Setting Troubleshooting Logging LevelWeb Reputation Setting Alerting EnabledWeb Reputation Setting Blocking Page LinkWeb Reputation Setting Combined Mode Protection SourceWeb Reputation Setting Monitor Port List IdWeb Reputation Setting Security Block Untested Pages EnabledWeb Reputation Setting Security LevelWeb Reputation Setting Smart Protection Global Server Use Proxy EnabledWeb Reputation Setting Smart Protection Local Server Allow Off Domain GlobalWeb Reputation Setting Smart Protection Local Server EnabledWeb Reputation Setting Smart Protection Server Connection Lost Warning EnabledWeb Reputation Setting StateWeb Reputation Setting Syslog Config Id
OffOffOff0Appliance preferredtruetruefalsefalsefalse1281024falsetruetruetrueANTI_VIRUS.VirusFound.threat=medium0truefalsefalsetrueAutomaticOff0500000500000Allow unrecognized software until it is explicitly blockedUse local ruleset0Off0AllowAllowAllowAllowIgnoreAllowAllowAllowAllowDenyDenyDenyDenyDenyAllowDenyNormal0Agent preferredtrue1 Secondtruetruefalsetrue20 Secondsfalse0 Seconds2 Minutes1 Second5 Minutes10 Seconds10001000010000001000000false860 Secondstruefalsetruetruetruetruetruefalsetruetrue10 Seconds3 Hours20000Disable Detection of IPv4 TunnelsDisable Detection of IPv6 Tunnels2 MinutesAllow DNS Query and DHCP ClientAdd Force Allow rule for ICMP type3 code460120falsefalsefalse60 SecondsNoneNoneNone30 Secondsfalse1005 Minutesfalse1500 BytesDefaultfalseLow - 250024 Hourstrue60 Seconds20 Seconds128 Bytes1Drop20 Secondsfalsefalse30 Minutes12815 Minutes34 MBtrueFail closedFail closedfalsefalseInlineNoNoNoNoNotruetruetruetruetruetruetruetruetruetruetrueOff0falseNoAppliance preferredsha1HighfalseOff0500000NoAgent preferred1000true60 SecondsfalsefalsetrueNo TaggingNo TaggingOfftrueNoMedium (6)Medium (6)Off0Agent/Appliance Initiated60 SecondsfalsefalsetruefalseAgent preferredfalse10 MinutesUnlimited2falsefalse7 Daysfalse11-1024truefalseDo Not Overridefalsehttp://sitesafety.trendmicro.com/Agent preferred80,8080falseMediumfalsefalsefalsetrueOff0

trendmicro-get-default-policy-setting#


Get information about a certain default policy setting

Base Command#

trendmicro-get-default-policy-setting

Input#

Argument NameDescriptionRequired
nameThe name of the default setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource.Required

Context Output#

PathTypeDescription
TrendMicro.DefaultPolicySettings.namestringThe name of the default policy setting
TrendMicro.DefaultPolicySettings.valuestringThe value of the default policy setting

Command Example#

!trendmicro-get-default-policy-setting name=antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled

Context Example#

{
"TrendMicro": {
"DefaultPolicySettings": {
"name": "antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled",
"value": "true"
}
}
}

Human Readable Output#

Default Policy Setting#

NameValue
antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabledtrue

trendmicro-modify-default-policy-setting#


Modify the value of a certain default policy setting

Base Command#

trendmicro-modify-default-policy-setting

Input#

Argument NameDescriptionRequired
nameThe name of the default setting.Required
valueThe new value of the default setting.Required

Context Output#

PathTypeDescription
TrendMicro.DefaultPolicySettings.namestringThe name of the default policy setting
TrendMicro.DefaultPolicySettings.valueunknownThe value of the default policy setting

Command Example#

!trendmicro-modify-default-policy-setting name=antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled value=false

Context Example#

{
"TrendMicro": {
"DefaultPolicySettings": {
"name": "antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled",
"value": "false"
}
}
}

Human Readable Output#

Default Policy Setting#

NameValue
antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabledfalse

trendmicro-reset-default-policy-setting#


Reset the value of a certain default policy setting

Base Command#

trendmicro-reset-default-policy-setting

Input#

Argument NameDescriptionRequired
nameThe name of the default setting.Required

Context Output#

PathTypeDescription
TrendMicro.DefaultPolicySettings.nameunknownThe name of the default policy setting
TrendMicro.DefaultPolicySettings.valueunknownThe value of the default policy setting

Command Example#

!trendmicro-reset-default-policy-setting name=antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled

Context Example#

{
"TrendMicro": {
"DefaultPolicySettings": {
"name": "antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled",
"value": "true"
}
}
}

Human Readable Output#

Default Policy Setting#

NameValue
antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabledtrue

trendmicro-list-scheduled-task#


Get information on all scheduled tasks.

Base Command#

trendmicro-list-scheduled-task

Input#

Argument NameDescriptionRequired
task_idThe ID of the task to retrieve.Optional

Context Output#

PathTypeDescription
TrendMicro.ScheduledTask.nameStringThe name of the scheduled task.
TrendMicro.ScheduledTask.typeStringThe type of the scheduled task.
TrendMicro.ScheduledTask.scheduleDetails.timeZoneStringThe timezone of the scheduled task.
TrendMicro.ScheduledTask.scheduleDetails.recurrenceTypeStringThe recurrence type of the scheduled task.
TrendMicro.ScheduledTask.scheduleDetails.onceOnlyScheduleParameters.startTimeNumberThe start time of the scheduled task.
TrendMicro.ScheduledTask.enabledBooleanWhether the scheduled task is enabled.
TrendMicro.ScheduledTask.nextRunTimeDateThe next run time of the scheduled task.
TrendMicro.ScheduledTask.scanForMalwareTaskParameters.computerFilter.typeStringThe type of the computer filter of the scheduled task.
TrendMicro.ScheduledTask.scanForMalwareTaskParameters.computerFilter.computerIDNumberThe computer ID of the scheduled task.
TrendMicro.ScheduledTask.scanForMalwareTaskParameters.timeoutStringThe timeout for the scheduled task.
TrendMicro.ScheduledTask.IDNumberThe ID of the scheduled task.

Command example#

!trendmicro-list-scheduled-task task_id=1

Context Example#

{
"TrendMicro": {
"ScheduledTask": {
"ID": 1,
"checkForSecurityUpdatesTaskParameters": {
"computerFilter": {
"type": "type"
},
"timeout": "never"
},
"enabled": true,
"lastRunTime": 1687185043521,
"name": "Daily check for Security Updates",
"nextRunTime": 1687271400000,
"scheduleDetails": {
"dailyScheduleParameters": {
"frequencyType": "everyday",
"startTime": 1676993400000
},
"recurrenceType": "daily",
"timeZone": "some time zone"
},
"type": "check-for-security-updates"
}
}
}

Human Readable Output#

Scheduled Tasks#

IDNameTypeEnabledLast Run Time
1Daily check for Security Updatescheck-for-security-updatestrue2023-06-19 14:30:43

trendmicro-create-onceonly-scheduled-task#


Creates a once-only scheduled task with a specific computer ID and runs it.

Base Command#

trendmicro-create-onceonly-scan-scheduled-task

Input#

Argument NameDescriptionRequired
nameThe name of the scheduled task.Required
typeThe type of the scheduled task. Possible values are: scan-for-open-ports, send-alert-summary, discover-computers, run-script, send-policy, generate-report, synchronize-directory, synchronize-users, scan-for-recommendations, synchronize-vcenter, scan-for-integrity-changes, scan-for-malware, check-for-security-updates, synchronize-cloud-account, check-for-software-updates, update-suspicious-objects-list.Required
computer_idThe computer ID to create the task on. Can be retrieved from the trendmicro-list-computers command.Required

Context Output#

PathTypeDescription
TrendMicro.ScheduledTask.nameStringThe name of the scheduled task.
TrendMicro.ScheduledTask.typeStringThe type of the scheduled task.
TrendMicro.ScheduledTask.scheduleDetails.timeZoneStringThe timezone of the scheduled task.
TrendMicro.ScheduledTask.scheduleDetails.recurrenceTypeStringThe recurrence type of the scheduled task.
TrendMicro.ScheduledTask.scheduleDetails.onceOnlyScheduleParameters.startTimeNumberThe start time of the scheduled task.
TrendMicro.ScheduledTask.enabledBooleanWhether the scheduled task is enabled.
TrendMicro.ScheduledTask.nextRunTimeDateThe next run time of the scheduled task.
TrendMicro.ScheduledTask.scanForMalwareTaskParameters.computerFilter.typeStringThe type of the computer filter of the scheduled task.
TrendMicro.ScheduledTask.scanForMalwareTaskParameters.computerFilter.computerIDNumberThe computer ID of the scheduled task.
TrendMicro.ScheduledTask.scanForMalwareTaskParameters.timeoutStringThe timeout for the scheduled task.
TrendMicro.ScheduledTask.IDNumberThe ID of the scheduled task.

Command example#

!trendmicro-create-onceonly-scheduled-task name=test computer_id=1 type="scan-for-malware"

Context Example#

{
"TrendMicro": {
"ScheduledTask": {
"ID": 26,
"enabled": true,
"name": "test",
"nextRunTime": 1708620132041,
"scanForMalwareTaskParameters": {
"computerFilter": {
"computerID": 1,
"type": "some type"
},
"timeout": "never"
},
"scheduleDetails": {
"onceOnlyScheduleParameters": {
"startTime": 0
},
"recurrenceType": "none",
"timeZone": "some time zone"
},
"type": "scan-for-malware"
}
}
}

Human Readable Output#

Once-only scheduled task, named test for the computer ID 1 has been successfully created and run.

trendmicro-delete-scheduled-task#


Deletes a scheduled task.

Base Command#

trendmicro-delete-scheduled-task

Input#

Argument NameDescriptionRequired
task_idsA comma seperated of task-IDs to delete.Required

Context Output#

There is no context output for this command.

Command example#

!trendmicro-delete-scheduled-task task_id=1

Human Readable Output#

Scheduled task with ID 1 has been successfully deleted.