Transition From the SOAP API

Transition your code that uses the deprecated SOAP API to use the Deep Security API that was introduced in 11.1 so that you can take advantage of new features and continued support. The SOAP API was deprecated in Deep Security 11.1. Although the functionality of the SOAP API is unchanged, new Deep Security features that are added after version 11.0 will not be accessible via the SOAP API.

The Deep Security API does not provide all of the capabilities of the SOAP API. However, you can use the REST API for some of those capabilities. For more information, see the Capabilities section.

To prepare for the transition, you should understand the differences in terminology between the APIs, as well as the differences in required tasks, class structure, and capabilities. After learning this information, we recommend that you use the First Steps Toward Deep Security Automationguide as an introduction to the Deep Security API.

Terminology

Some product terminology has changed since the release of the SOAP API. Note the following changes when comparing the APIs.

SOAP API term Deep Security API term
Host Computer
Security profile Policy
Deep Packet Inspection (DPI) Intrusion Prevention

Specific tasks

When transitioning from the SOAP API, you'll notice that some required tasks are achieved differently or are no longer required.

Task SOAP API Deep Security API
Authenticate Create a Web Service administrator account and a user role that is allowed to access to the Web Service endpoints. Use the credentials of the account to authenticate your calls. Create an API key and associate it with a user role that determines feature access. Use the secret key of the API key to authenticate your calls. SeeAuthenticate with Deep Security Managerin the First Steps Toward Deep Security Automation guide.
Enable endpoints Enable the Web Service API in Deep Security Manager. Deep Security API endpoints are always enabled. No action is required.
Obtain client libraries Generate client stubs from the WSDL file. Download SDKs from the Automation Center.

Java class structure

The Java stubs that are generated from the WSDL file and the Java SDK of the Deep Security API provide similar types of Java classes. However, the classes are structured differently.

Java stubs class type Deep Security API (Java SDK)
Transport classes Classes in the com.trendmicro.deepsecurity.model package represent items in the Deep Security Manager environment, such as policies, computers, and rules. Use these classes for storing and accessingvalues.
Enum classes Enum classes are nested in the classes of the model package.
Web methods (operations of the Manager endpoint) Classes in the com.trendmicro.deepsecurity.api package provide create, read, update, delete, list, and search capabilities that act on many of the model classes.

Capabilities

The Deep Security Web Service SDK PDF lists the capabilities of the SOAP API. The following table lists the classes of the Java SDK that provide the capability or indicates that the Deep Security API does not support the capability. For some of the unsupported capabilities, you can use the previously-released REST API. (See Previous REST and SOAP APIs in the Deep Security Help Center.)

Endpoints are continuously being added to the Deep Security API. Periodically check this table for changes.
Category Capability Java SDK/Deep Security API availability
Security profile (policies) Retrieve, add, update, edit and delete a policy com.trendmicro.deepsecurity.api.PoliciesApi See the Policies endpoint in the API Reference.
Set the running state of a security module (Firewall, Anti-Malware, etc.) at the policy level com.trendmicro.deepsecurity.api.PoliciesApi See the Policies endpoint in theAPI Reference.
Assign and unassign Firewall, Intrusion Inspection, Integrity Monitoring, and Log Inspection rules at the policy level com.trendmicro.deepsecurity.api.PoliciesApi See the Policies endpoint in theAPI Reference.
Get, set, and clear system settings at the policy level com.trendmicro.deepsecurity.api.PoliciesApi See the Policies endpoint in theAPI Reference.
Anti-Malware Retrieve, add, update, and delete malware scan configurations com.trendmicro.deepsecurity.api.AntiMalwareConfigurationsApi See the Anti-Malware Configurations endpoint in the API Reference.
Add, update, and delete directory lists com.trendmicro.deepsecurity.api.DirectoryListsApi See the Directory Lists endpoint in theAPI Reference.
Add, update, and delete file lists com.trendmicro.deepsecurity.api.FileListsApi See the File Lists endpoint in theAPI Reference.
Add, update, and delete file extension lists com.trendmicro.deepsecurity.api.FileExtensionListsApi See the File Extension Lists endpoint in theAPI Reference.
Retrieve Anti-Malware events Not available. Use the Anti-Malware Events endpoint of the REST API.
Web Reputation Retrieve, add, update, and delete Web Reputation configurations com.trendmicro.deepsecurity.api.PoliciesAPI andcom.trendmicro.deepsecurity.model.PolicySettings See the Policies endpoint in the API Reference.
Retrieve Web Reputation events Not available. Use the Web Reputation Events endpoint of the REST API.
Firewall Retrieve, add, update, and delete Firewall rules com.trendmicro.deepsecurity.api.FirewallRulesApi See the Firewall Rules endpoint in the API Reference.
Retrieve, add, update, and delete stateful configurations com.trendmicro.deepsecurity.api.StatefulConfigurationsApi See the Stateful Configurations endpoint in the API Reference.
Retrieve Firewall events Not available.  
Deep Packet Inspection (Intrusion Prevention) Retrieve, add, update, and delete Deep Packet Inspection rules com.trendmicro.deepsecurity.api.IntrusionPreventionRulesApi See the Intrusion Prevention Rules endpoint in the API Reference.
Retrieve, add, update, and delete application types com.trendmicro.deepsecurity.api.ApplicationTypesApi See the Application Types endpoint in the API Reference.
Retrieve, add, update, and delete application type overrides Not available
Retrieve Deep Package Inspection events Not available
Integrity Monitoring Retrieve, add, update, delete Integrity Monitoring rules com.trendmicro.deepsecurity.api.IntegrityMonitoringRulesApi See the Integrity Monitoring Rules endpoint in the API Reference.
Initiate Scan For Integrity Changes operation on computer Not available
Initiate Rebuild Baseline operation on computer Not available
Retrieve Integrity Monitoring events Not available See the Integrity Monitoring Events endpoint of the REST API.
Log Inspection Retrieve, add, update, and delete Log Inspection rules com.trendmicro.deepsecurity.api.LogInspectionRulesApi See the Log Inspection Rules endpoint in theAPI Reference.
Retrieve, add, update, and delete Log Inspection decoders Not available
Retrieve Log Inspection events Not available See the Log Inspection Events endpoint of the REST API.
Lists Retrieve, add, update, and delete IP lists, MAC lists, and port lists com.trendmicro.deepsecurity.api.IpListsApi com.trendmicro.deepsecurity.api.MacListsApi com.trendmicro.deepsecurity.api.PortListsApi See the IP Lists, MAC Lists, and Port Lists endpoints in the API Reference.
Schedules Retrieve, add, update, and delete schedules com.trendmicro.deepsecurity.api.SchedulesApi See the Schedules endpoint in theAPI Reference.
Hosts (Computers) Retrieve, add, update, delete a computer com.trendmicro.deepsecurity.api.ComputersApi See the Computers endpoint in theAPI Reference.
Assign or unassigna policy com.trendmicro.deepsecurity.api.ComputersApi See the Computers endpoint in theAPI Reference.
Get or set system settings at the computer level com.trendmicro.deepsecurity.api.ComputersApi See the Computers endpoint in theAPI Reference.
Activate, deactivate, lock, unlock computer Not available
Retrieve computer status com.trendmicro.deepsecurity.model.ComputersApi::computerStatus See the Computers endpoint in theAPI Reference.
Retrieve computer events Not available
Initiate security update or Agent upgrade Not available
Groups (Computer Groups) Retrieve, add, update, delete, and move a computer group com.trendmicro.deepsecurity.api.ComputerGroupsApi See the Computer Groups endpoint in theAPI Reference.
System Get and set global system settings com.trendmicro.deepsecurity.api.SystemSettingsApi See the System Settings endpoint in theAPI Reference.
Retrieve system information Not available
Retrieve system events Not available
License Retrieve and update license Not available See the Licenses endpoint of the REST API.
Updates Operations on Security Center customer accounts Not available
Operations on security updates Not available
Operations on agent or appliance software Not available
Dashboard Retrieve counters for dashboard widgets Not available
Retrieve feature summary for the system Not available
Retrieve an overall computer and alert status for the system Not available

We encourage you to forward system and security events to an external Syslog server or security information and event management (SIEM) server. See Handle Events for System Monitoring and Reporting.

The following table lists some highly-used SOAP API endpoints and related code examples that the guides contain. Use the examples to formulate ideas about how you can translate your code to use the new API or SDK.

SOAP API endpoint Deep Security API operation Related code example
securityProfileRetrieve Describe a Policy Add intrusion prevention rules to computers policies
securityProfileRetrieveByName Search Policies, or Describe a Policy Search for a policy and add it to a computer
IPListRetrieve List Intrusion Prevention Rules Find the Intrusion Prevention rule for a CVE
hostDetailRetrieve List Computers Get computer configurations
hostRetrieve Describe a Computer Get the overrides for a computer
authenticate N/A List policies
securityProfileSave Create a Policy Modify a Policy Create a policy below Base Policy
securityProfileAssignToHost Modify a Computer Search for a policy and add it to a computer