Trend Micro Deep Security 11


Trend Micro™ Deep Security 11 Training for Certified Professionals is a three-day, instructor-led training course where participants will learn how to use Trend Micro™ Deep Security for advanced server security of physical, virtual and cloud-based computers. This course details the basic architecture of the Deep Security solution, deployment options, protection modules, policy configuration, and administration of the system.

As part of the course, participants will install Deep Security in a virtual lab environment, deploy agent endpoint computers and configure protection on these computers. Best practices and troubleshooting details for successful implementation and long-term maintenance of the system are also discussed.

This course incorporates a variety of hands-on lab exercises allowing participants to put the lesson content into action. This course is taught by Trend Micro-certified trainers. Upon completion of this course, participants may choose to complete the certification examination to obtain designation as a Trend Micro Certified Professional for Deep Security.


This course is designed for IT professionals who are responsible for protecting users, networks, data centers and cloud resources from data breaches and targeted attacks.

Individuals who will typically benefit from the training course include: 

  •  System administrators
  •  Network engineers
  •  Support Engineers
  •  Integration Engineers
  •  Solution & Security Architects


There are no prerequisites to attend this course, however, a working knowledge of Trend Micro products and services, as well as an understanding of basic networking concepts and principles will be helpful.

  • Basic knowledge of the following topics is also beneficial:
  • Windows servers and clients
  • Firewalls and packet inspection devices
  • VMware ESXi / vCenter / NSX
  • Amazon AWS / Microsoft Azure / VMware vCloud
  • Virtualization technologies

Participants are required to bring a laptop computer with a screen resolution of at least 1980 x 1080 or above; a display size of 15" or above is recommended.


Course topics are divided into the following lessons.

Product Overview

  • Trend Micro solutions
  • Introduction to Deep Security
  • Protection modules
  • Deep Security components

Deep Security Manager

  • Server and operating system requirements
  • Database requirements
  • Deep Security Manager architecture and components
  • Installing Deep Security Manager
  • Logging into the Deep Security Manager Web console

Deep Security Agent

  • Deep Security Agent architecture
  • Installing Deep Security Agents
  • Adding computers
  • Activating Deep Security Agents
  • Upgrading Deep Security Agents to Relays
  • Distributing software and security updates
  • Viewing computer protection status
  • Organizing computers using Smart Folders


  • Creating policies based on Recommendation Scans
  • Creating new policies from scratch
  • Policy inheritance and overrides
  • Common objects


  • Anti-Malware Solution Platform
  • Anti-Malware scanning
  • Enabling malware protection
  • Quarantining files
  • Smart Scan

Web Reputation

  • Trend Micro URL Filtering Engine
  • Enabling Web Reputation
  • Setting the security level
  • Locating Web Reputation-related events


  • Firewall Rules
  • Rule order of analysis
  • Stateful and pseudo-stateful filtering
  • Assessing Vulnerabilities

Intrusion Prevention

  • Virtual Patching
  • Protocol Hygiene
  • Protocol Control
  • Web Application Protection
  • Enabling Intrusion Prevention
  • Intrusion Prevention rules
  • SSL filtering

Integrity Monitoring

  • Enabling Integrity Monitoring
  • Detection changes to the baseline object
  • Event tagging

Application Control

  • Enabling Application Control
  • Detecting software changes
  • Creating and inventory of approved software

Log Inspection

  • Enabling Log Inspection
  • Running recommendation scans
  • Monitoring events

Logging and Reports

  • Enabling debug logging
  • Setting log levels
  • SIEM and syslog integration
  • Reporting
  • Filtering report data
  • Creating diagnostic packages


  • Enabling Multi-Tenancy
  • Creating tenants
  • Managing tenants
  • Activating Deep Security Agents on tenants
  • Usage monitoring

Connected Threat Defense

  • Connected Threat Defense requirements
  • Deep Discovery Analyzer
  • Trend Micro Control Manager
  • Integrating Deep Security into Connected Threat Defense

Protecting Cloud Environments

  • Cloud deployment models
  • Deep Security cloud architectures
    • Amazon AWS
    • Microsoft Azure
    • VMware vCloud
  • Cloud installation options

Deep Security Virtual Appliance

  • Agentless protection
  • Deploying Deep Security in VMWare ESXi environments