Connect Smart Check and Manager

This feature is being rolled out to Deep Security as a Service customers. If it’s not available in your account yet, it will be soon. Container Control requires that you upgrade to Deep Security Agent Feature Releases (version 12.5 or higher), which will be available soon.

If you have Deep Security Smart Check running in your environment, you can connect it to Deep Security Manager and allow or prevent containers from running based on their Smart Check scan results, using the Container Control.

General steps

Use the following steps to add Smart Check as a registry scanner:

  1. Create a RegistryScanner object and set the registry scanner name, URL, user account, and user password.
  2. (Optional) Configure description property as required.
  3. Create a RegistryScannersApi object and use it to add a registry scanner in Deep Security Manager.

To see the properties that you can configure, refer to the Create a Registry Scanner operation in the API Reference.

You can also do this through Deep Security Manager. See the Deep Security Help Center.

Example

The following example code adds Deep Security Smart Check to Deep Security Manager.

Python
def add_registry_scanner(api, configuration, api_version, api_exception, name, url, user_account, user_password):
    """ Adds a registry scanner to Deep Security Manager.
 
    :param api: The Deep Security API modules.
    :param configuration: Configuration object to pass to the api client.
    :param api_version: The version of the API to use.
    :param api_exception: The Deep Security API exception module.
    :param name: The name or IP address of the registry scanner.
    :param url: The url of the registry scanner.
    :param user_account: The user account that can login to the registry scanner.
    :param user_password: The password of the user.
    :return: An Integer that contains the ID of the registry scanner.
    """
 
    # Create the registry scanner object
    registry_scanner = api.RegistryScanner()
    registry_scanner.name = name
    registry_scanner.url = url
    registry_scanner.username = user_account
    registry_scanner.password = user_password
 
    try:
        # Add the registry scanner to Deep Security Manager
        registry_scanner_api = api.RegistryScannersApi(api.ApiClient(configuration))
        api_response = registry_scanner_api.create_registry_scanner(registry_scanner, api_version)
        return api_response.id
 
    except api_exception as e:
        return "Exception: " + str(e)

JavaScript
/*
 * Copyright 2019 Trend Micro.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/*
 * Adds a registry scanner to Deep Security Manager.
 * @param {ApiClient} api The Deep Security API exports.
 * @param {String} apiVersion The API version to use.
 * @param {String} name The name or IP address of the registry scanner.
 * @param {String} url The url of the registry scanner.
 * @param {String} user_account The user account that can login to the registry scanner.
 * @param {String} user_password The password of the user.
 * @returns {Promise} A promise object that resolves to the ID of the registry scanner.
*/
exports.createRegistryScanner = function (api, apiVersion, name, url, user_account, user_password) {
    return new Promise((resolve, reject) => {
        // Create the registry scanner object
        const registryScanner = new api.RegistryScanner();
        registryScanner.name = name;
        registryScanner.url = url;
        registryScanner.username = user_account;
        registryScanner.password = user_password;
        // Add the registry scanner to Deep Security Manager
        const registryScannersApi = new api.RegistryScannersApi();
        registryScannersApi.createRegistryScanner(registryScanner, apiVersion)
        .then(returnedRegistryScanner => {
            resolve(returnedRegistryScanner.ID);
        })
        .catch(error => {
            reject(error);
        });
    });
};

Java
package com.trendmicro.deepsecurity.docs;
import com.trendmicro.deepsecurity.ApiException;
import com.trendmicro.deepsecurity.api.RegistryScannersApi;
import com.trendmicro.deepsecurity.model.RegistryScanner;
public class RegistryScannerExamples {
	/**
	 * Adds a registry scanner to Deep Security Manager.
	 * @param apiVersion The version of the API to use.
	 * @param name The name or IP address of the registry scanner.
	 * @param url The url of the registry scanner.
	 * @param user_account The user account that can login to the registry scanner.
	 * @param user_password The password of the user.
	 * @return The ID of the registry scanner
	 * @throws ApiException When a problem occurs when creating registry scanner.
	 */
	public static Integer createRegistryScanner(String apiVersion, String name, String url, String user_account, String user_password) throws ApiException{
	    // Create the registry scanner object
	    RegistryScanner registryScanner = new RegistryScanner();
	    registryScanner.setName(name);
	    registryScanner.setUrl(url);
	    registryScanner.setUsername(user_account);
	    registryScanner.setPassword(user_password);
	     
	    // Add the registry scanner to Deep Security Manager
	    RegistryScannersApi registryScannersApi = new RegistryScannersApi();
	    try {
	        registryScanner = registryScannersApi.createRegistryScanner(registryScanner, apiVersion);
	    } catch (ApiException e) {
	        e.printStackTrace();
	    }
	    return registryScanner.getID();
	}
}