Security

Agents online when using WFBS-SVC and Watchguard

Some people claim there’s no such things as “too much” security.  Well, apparently that’s not true.  When you’re deploying the agents for Trend Micro Worry Free Business Security Services (What a name!) behind a Watchguard firewall using it’s UTM software, your agents might not be able to contact the server. 

The problem

When installing (or using) Trend Micro’s “Business Security Services”, the agents have problems communicating with the server. This problem is caused by Watchguard which is blocking this sort of communication.

The agents appear offline, and aren’t listed in the Worry Free Business Security Services console, so they’ can’t be configured or monitored, alongside other actions…

The (possible) solution

1)  In the Watchguard Management console, create a new policy.

2)  Under “Add policies”, select “HTTP-Proxy” under “Policies”.

3)  Give the policy a straightforward name, like “Trend Micro Proxy”

When selecting the allowed sources / destinations, add the following:

  • From: any-trusted
  • To: 150.70.226.32
     
    To add this destination, do the following:
      • Select “Host IP” in the dropdown menu.
      • Enter the IP address: 150.70.226.3

Note:  The IP address mentioned above applied to my case specifically. It’s possible your agents will try to communicate with another IP.


4)  Under the “Properties” tab, go down to “Proxy Actions” and click the “New” button. Create a new policy (Name it TM Proxy). In the settings, set “deny” to “allow” in all the menu’s. If you’re more comfortable with this, you can also set “Deny” to “AV Scan”.

5)  Save the Proxy Action, and then save the policy as well.

6)  Finish by saving the new configuration file to both a folder and the Watchguard.

You’ll see that the Trend Micro Agents are now online, and are listed in the “Business Security Services" console – which means everything is working as it should be

Advertisements

Categories: Security

Tagged as: ,