SoraYazılım
English
Custom software solutions from Türkiye
Trend Micro · Cybersecurity

Deep Security / Server & Workload Protection

Hybrid workload security for physical, virtual and cloud servers.

Request a quoteFAQ
Quick answer

Deep Security (rebranded Trend Cloud One Workload Security) protects physical, virtual (VMware/Hyper-V) and cloud (AWS/Azure/GCP) server workloads with a single agent. It includes anti-malware, host IPS, virtual patching, file integrity, log inspection and container protection modules.

Deep Security is Trend Micro's flagship server-workload protection. It is to servers what Apex One is to endpoints — adding server-specific capabilities such as host IPS, FIM, log inspection and virtual patching.

VMware NSX integration enables agentless scanning — so even in 10,000+ VM data centers you don't have to install agents on every VM. It can be deployed in one click from AWS, Azure and GCP marketplaces.

Under the name Cloud One Workload Security it is also sold as SaaS, while on-prem Deep Security continues classically. Ready-made PCI-DSS, HIPAA and KVKK compliance templates are included.

Key features

What it offers

  • Host IPS and virtual patching
  • Anti-malware + file integrity monitoring (FIM)
  • Container and Kubernetes runtime protection
  • PCI-DSS, HIPAA and KVKK compliance templates
  • AWS, Azure, GCP marketplace deployment
  • Agentless anti-malware via VMware NSX
  • Log inspection and SIEM forwarding
  • Vision One XDR sensor
Tech Summary

Important technical data

Platforms
Windows Server 2012+, Linux (all majors), AIX, Solaris
Cloud
AWS, Azure, GCP, OCI marketplaces
Virtualization
VMware vSphere/NSX, Hyper-V, KVM
Container
Docker, Kubernetes (EKS, AKS, GKE, OpenShift)
Licensing
Per server/VM or pay-as-you-go (cloud)
Compliance
PCI-DSS, HIPAA, NIST 800-53, KVKK templates
Use Cases

When would you choose this product?

E-commerce

PCI-DSS-compliant payment servers

A major Turkish e-commerce platform meets PCI-DSS requirements with Deep Security FIM + IPS; audit reports are produced automatically.

Telecom

Agentless protection in a VMware data center

A telecom operator uses NSX integration to run agentless anti-malware on 8,000 virtual servers — no performance loss.

Healthcare

HIS server security without patching

A private hospital chain runs legacy Windows Server 2012 R2 HIS servers safely thanks to virtual patching.

Cloud native

Kubernetes runtime protection

A SaaS firm running 200+ containers on AWS EKS uses Deep Security for container image scanning and runtime behavior monitoring.

Who is it for?

Data center operators, cloud workload owners and organizations with compliance requirements.

Frequently Asked Questions

Frequently asked questions

Are Deep Security and Cloud One Workload Security the same product?
Yes — Cloud One Workload Security is the SaaS edition of Deep Security. On-prem Deep Security continues; new customers usually pick the SaaS edition. Modules and policies are largely identical.
Does it work agentlessly without VMware NSX?
No. Agentless anti-malware requires NSX-T (or the older NSX-V). Without NSX an agent must be installed on every VM; this adds CPU/RAM footprint but exposes all modules.
What is the level of Kubernetes support?
Full support for EKS, AKS, GKE, OpenShift. Image scanning (registry scan), runtime behavior monitoring, admission-controller policy enforcement and pod-level IPS.
Is it enough for PCI-DSS compliance?
Not alone, but it covers a significant portion of PCI-DSS requirements 1, 5, 6, 10 and 11. Sora Yazılım runs PCI-DSS audit prep alongside Deep Security policies.
Is licensing per VM?
Yes — based on the number of running VMs/servers. Cloud also offers hourly pay-as-you-go pricing. Licensing usage stops when the VM is powered off.
Which Linux distributions are supported?
RedHat 6+, CentOS, Ubuntu 16+, SUSE 11+, Oracle Linux, Amazon Linux, Debian 8+. Kernel-aware agents exist for every major distribution.
Does container image scanning connect to registries?
Yes. AWS ECR, Azure Container Registry, Google Container Registry, Docker Hub and Harbor are supported. CI/CD pipeline webhook integration is also available.
Is AIX and Solaris support real?
Yes. Deep Security provides agents for AIX 7.1+ and Solaris 10/11. A critical capability for core banking and telecom OSS/BSS systems.
What is the performance impact?
Full agent: ~3–5% CPU, ~200 MB RAM. Agentless (NSX): zero inside the VM. With virtual patching and IPS on, ~1–2 ms latency is added to traffic.
Where are logs stored?
On-prem you can syslog/CEF-forward to your own SIEM; SaaS keeps 30 days by default in Trend Micro's data centers. Cloud region selectable from EU, US, JP.
Vendor's official product page

Opens the vendor's original technical documentation and product page in a new tab.

Trend MicroDeep Security / Server & Workload Protection
From the same brand

Trend Micro family — other products

Trend Vision One

AI-driven platform unifying XDR, ASRM and cyber risk management in a single console.

Details

Apex One

AI-driven enterprise endpoint protection (EPP + EDR).

Details

Worry-Free Business Security

Cloud-based endpoint + email protection for SMBs.

Details

Trend Email Security

Advanced email threat protection for Microsoft 365 and Google Workspace.

Details
Comparable Solutions

Similar solutions from other brands

Bitdefender

GravityZone Security for Servers

Optimized protection for physical, virtual and cloud servers.

DetailsAcronis

Acronis Cyber Protect 16 (on-prem)

On-prem unified backup + cyber protection for the enterprise data center.

Details
Related Services

Services we deliver alongside this product

devops-altyapi

Deep Security / Server & Workload Protection licensing + deployment + support

Sora Yazılım handles licensing, deployment, training and ongoing management — all from a single team.

Request a quoteTrend Micro