1

在 Trend Micro Deep Security SOAP API (DSSOAP.ManagerService) 中,以下方法是否可以用于基于设备的保护?

securityProfileAssignToHost()
hostAgentActivate()

还是仅用于基于代理的保护?如果仅针对基于代理,该要求是否记录在任何地方?

4

1 回答 1

1

是的,您可以将这些方法用于受设备保护的对象。(我在趋势科技担任 CSE)

以下是如何在 PowerShell 中使用这些方法的基本示例:

param (
    [Parameter(Mandatory=$true, HelpMessage="FQDN and port for Deep Security Manager; ex dsm.example.com:443")][string]$manager,
    [Parameter(Mandatory=$true, HelpMessage="DeepSecurity Manager Username")][string]$user,
    [Parameter(Mandatory=$true, HelpMessage="HostID to activate")][string]$hostID,
    [Parameter(Mandatory=$true, HelpMessage="Policy ID to assign to Host")][string]$securityID,
    [Parameter(Mandatory=$false)][string]$tenant
)
$passwordinput = Read-host "Password for Deep Security Manager" -AsSecureString
$password = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($passwordinput))
[System.Net.ServicePointManager]::ServerCertificateValidationCallback={$true}
[Net.ServicePointManager]::SecurityProtocol += [Net.SecurityProtocolType]::Tls12
$DSMSoapService = New-WebServiceProxy -uri "https://$manager/webservice/Manager?WSDL" -Namespace "DSSOAP" -ErrorAction Stop
$DSM = New-Object DSSOAP.ManagerService
$SID = ""
try {
    if (!$tenant) {
        $SID = $DSM.authenticate($user, $password)
        }
    else {
        $SID = $DSM.authenticateTenant($tenant, $user, $password)
        }
}
catch {
    echo "An error occurred during authentication. Verify username and password and try again. `nError returned was: $($_.Exception.Message)"
    exit
}
$activateHost = $DSM.hostAgentActivate($hostID, $SID)
$assignPolicy = $DSM.securityProfileAssignToHost($securityID, $hostID, $SID)
$DSMSoapService.endSession($SID)
于 2019-02-28T20:32:45.177 回答