受设备保护的虚拟机的策略(又名配置文件)分配和激活
policy (aka profile) assignment and activation for vms protected by appliance
在趋势科技深度安全防护系统 SOAP API (DSSOAP.ManagerService) 中,以下方法是否可以用于基于设备的保护?
securityProfileAssignToHost()
hostAgentActivate()
或仅用于基于代理的保护?如果仅针对基于代理的,是否在任何地方记录了该要求?
是的,您可以将这些方法用于受设备保护的对象。 (我作为 CSE 在趋势科技工作)
以下是如何在 PowerShell 中使用这些方法的基本示例:
param (
[Parameter(Mandatory=$true, HelpMessage="FQDN and port for Deep Security Manager; ex dsm.example.com:443")][string]$manager,
[Parameter(Mandatory=$true, HelpMessage="DeepSecurity Manager Username")][string]$user,
[Parameter(Mandatory=$true, HelpMessage="HostID to activate")][string]$hostID,
[Parameter(Mandatory=$true, HelpMessage="Policy ID to assign to Host")][string]$securityID,
[Parameter(Mandatory=$false)][string]$tenant
)
$passwordinput = Read-host "Password for Deep Security Manager" -AsSecureString
$password = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($passwordinput))
[System.Net.ServicePointManager]::ServerCertificateValidationCallback={$true}
[Net.ServicePointManager]::SecurityProtocol += [Net.SecurityProtocolType]::Tls12
$DSMSoapService = New-WebServiceProxy -uri "https://$manager/webservice/Manager?WSDL" -Namespace "DSSOAP" -ErrorAction Stop
$DSM = New-Object DSSOAP.ManagerService
$SID = ""
try {
if (!$tenant) {
$SID = $DSM.authenticate($user, $password)
}
else {
$SID = $DSM.authenticateTenant($tenant, $user, $password)
}
}
catch {
echo "An error occurred during authentication. Verify username and password and try again. `nError returned was: $($_.Exception.Message)"
exit
}
$activateHost = $DSM.hostAgentActivate($hostID, $SID)
$assignPolicy = $DSM.securityProfileAssignToHost($securityID, $hostID, $SID)
$DSMSoapService.endSession($SID)
在趋势科技深度安全防护系统 SOAP API (DSSOAP.ManagerService) 中,以下方法是否可以用于基于设备的保护?
securityProfileAssignToHost()
hostAgentActivate()
或仅用于基于代理的保护?如果仅针对基于代理的,是否在任何地方记录了该要求?
是的,您可以将这些方法用于受设备保护的对象。 (我作为 CSE 在趋势科技工作)
以下是如何在 PowerShell 中使用这些方法的基本示例:
param (
[Parameter(Mandatory=$true, HelpMessage="FQDN and port for Deep Security Manager; ex dsm.example.com:443")][string]$manager,
[Parameter(Mandatory=$true, HelpMessage="DeepSecurity Manager Username")][string]$user,
[Parameter(Mandatory=$true, HelpMessage="HostID to activate")][string]$hostID,
[Parameter(Mandatory=$true, HelpMessage="Policy ID to assign to Host")][string]$securityID,
[Parameter(Mandatory=$false)][string]$tenant
)
$passwordinput = Read-host "Password for Deep Security Manager" -AsSecureString
$password = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($passwordinput))
[System.Net.ServicePointManager]::ServerCertificateValidationCallback={$true}
[Net.ServicePointManager]::SecurityProtocol += [Net.SecurityProtocolType]::Tls12
$DSMSoapService = New-WebServiceProxy -uri "https://$manager/webservice/Manager?WSDL" -Namespace "DSSOAP" -ErrorAction Stop
$DSM = New-Object DSSOAP.ManagerService
$SID = ""
try {
if (!$tenant) {
$SID = $DSM.authenticate($user, $password)
}
else {
$SID = $DSM.authenticateTenant($tenant, $user, $password)
}
}
catch {
echo "An error occurred during authentication. Verify username and password and try again. `nError returned was: $($_.Exception.Message)"
exit
}
$activateHost = $DSM.hostAgentActivate($hostID, $SID)
$assignPolicy = $DSM.securityProfileAssignToHost($securityID, $hostID, $SID)
$DSMSoapService.endSession($SID)