Views:
Transition your code that uses the deprecated SOAP API to use the API that was introduced in Deep Security 11.1 so that you can take advantage of new features and continued support. The SOAP API was deprecated in Deep Security 11.1. Although the functionality of the SOAP API is unchanged, new Server & Workload Protection features will not be accessible via the SOAP API.
Note
Note
The Server & Workload Protection API does not provide all of the capabilities of the SOAP API. However, you can use the REST API for some of those capabilities. For more information, see the Capabilities section.
To prepare for the transition, you should understand the differences in terminology between the APIs, as well as the differences in required tasks, class structure, and capabilities. After learning this information, we recommend that you use the First Steps Toward Server & Workload Protection Automation guide as an introduction to the Deep Security API.

Terminology

Some product terminology has changed since the release of the SOAP API. Note the following changes when comparing the APIs.
SOAP API term
Deep Security API term
Host
Computer
Security profile
Policy
Deep Packet Inspection (DPI)
Intrusion Prevention

Specific tasks

When transitioning from the SOAP API, you'll notice that some required tasks are achieved differently or are no longer required.
Task
SOAP API
Deep Security API
Authenticate
Create a Web Service administrator account and a user role that is allowed to access to the Web Service endpoints. Use the credentials of the account to authenticate your calls.
Create an API key and associate it with a user role that determines feature access. Use the secret key of the API key to authenticate your calls. See Authenticate with Server & Workload Protection in the First Steps Toward Server & Workload Protection Automation guide.
Enable endpoints
Enable the Web Service API in Server & Workload Protection.
Deep Security API endpoints are always enabled. No action is required.
Obtain client libraries
Generate client stubs from the WSDL file.

Java class structure

The Java stubs that are generated from the WSDL file and the Java SDK of the Deep Security API provide similar types of Java classes. However, the classes are structured differently.
Java stubs class type
Deep Security API (Java SDK)
Transport classes
Classes in the
com.trendmicro.deepsecurity.model
package represent items in the Server & Workload Protection environment, such as policies, computers, and rules. Use these classes for storing and accessing values.
Enum classes
Enum classes are nested in the classes of the model package.
Web methods (operations of the Manager endpoint)
Classes in the
com.trendmicro.deepsecurity.api
package provide create, read, update, delete, list, and search capabilities that act on many of the model classes.

Capabilities

The Deep Security Web Service SDK PDF lists the capabilities of the SOAP API. The following table lists the classes of the Java SDK that provide the capability or indicates that the Deep Security API does not support the capability. For some of the unsupported capabilities, you can use the previously-released REST API. (See Use the Server & Workload Protection API to automate tasks.)
Note
Note
Endpoints are continuously being added to the Server & Workload Protection API. Periodically check this table for changes.
Category
Capability
Java SDK/Deep Security API availability
Security profile (policies)
Retrieve, add, update, edit and delete a policy
com.trendmicro.deepsecurity.api.PoliciesApi
See the Policies endpoint in the API Reference.
Set the running state of a security module (Firewall, Anti-Malware, etc.) at the policy level
com.trendmicro.deepsecurity.api.PoliciesApi
See the Policies endpoint in the API Reference.
Assign and unassign Firewall, Intrusion Inspection, Integrity Monitoring, and Log Inspection rules at the policy level
com.trendmicro.deepsecurity.api.PoliciesApi
See the Policies endpoint in the API Reference.
Get, set, and clear system settings at the policy level
com.trendmicro.deepsecurity.api.PoliciesApi
See the Policies endpoint in the API Reference.
Anti-Malware
Retrieve, add, update, and delete malware scan configurations
com.trendmicro.deepsecurity.api.AntiMalwareConfigurationsApi
See the Anti-Malware Configurations endpoint in the API Reference.
Add, update, and delete directory lists
com.trendmicro.deepsecurity.api.DirectoryListsApi
See the Directory Lists endpoint in the API Reference.
Add, update, and delete file lists
com.trendmicro.deepsecurity.api.FileListsApi
See the File Lists endpoint in the API Reference.
Add, update, and delete file extension lists
com.trendmicro.deepsecurity.api.FileExtensionListsApi
See the File Extension Lists endpoint in the API Reference.
Retrieve Anti-Malware events
Not available. Use the Anti-Malware Events endpoint of the REST API.
Web Reputation
Retrieve, add, update, and delete Web Reputation configurations
com.trendmicro.deepsecurity.api.PoliciesAPI
and
com.trendmicro.deepsecurity.model.PolicySettings
See the Policies endpoint in the API Reference.
Retrieve Web Reputation events
Not available. Use the Web Reputation Events endpoint of the REST API.
Firewall
Retrieve, add, update, and delete Firewall rules
com.trendmicro.deepsecurity.api.FirewallRulesApi
See the Firewall Rules endpoint in the API Reference.
Retrieve, add, update, and delete stateful configurations
com.trendmicro.deepsecurity.api.StatefulConfigurationsApi
See the Stateful Configurations endpoint in the API Reference.
Retrieve Firewall events
Not available.
Deep Packet Inspection (Intrusion Prevention)
Retrieve, add, update, and delete Deep Packet Inspection rules
com.trendmicro.deepsecurity.api.IntrusionPreventionRulesApi
See the Intrusion Prevention Rules endpoint in the API Reference.
Retrieve, add, update, and delete application types
com.trendmicro.deepsecurity.api.ApplicationTypesApi
See the Application Types endpoint in the API Reference.
Retrieve, add, update, and delete application type overrides
com.trendmicro.deepsecurity.api.ComputerIntrusionPreventionApplicationTypeDetailsApi
com.trendmicro.deepsecurity.api.PolicyIntrusionPreventionApplicationTypeDetailsApi
See the operations of Computer Intrusion Prevention Application Type Details and Policy Intrusion Prevention Application Type Details in the API Reference.
Retrieve Deep Package Inspection events
Not available
Integrity Monitoring
Retrieve, add, update, delete Integrity Monitoring rules
com.trendmicro.deepsecurity.api.IntegrityMonitoringRulesApi
See the Integrity Monitoring Rules endpoint in the API Reference.
Initiate Scan For Integrity Changes operation on computer
Not available
Initiate Rebuild Baseline operation on computer
Not available
Retrieve Integrity Monitoring events
Not available See the Integrity Monitoring Events endpoint of the REST API.
Log Inspection
Retrieve, add, update, and delete Log Inspection rules
com.trendmicro.deepsecurity.api.LogInspectionRulesApi
See the Log Inspection Rules endpoint in the API Reference.
Retrieve, add, update, and delete Log Inspection decoders
Not available
Retrieve Log Inspection events
Not available See the Log Inspection Events endpoint of the REST API.
Lists
Retrieve, add, update, and delete IP lists, MAC lists, and port lists
com.trendmicro.deepsecurity.api.IpListsApi
com.trendmicro.deepsecurity.api.MacListsApi
com.trendmicro.deepsecurity.api.PortListsApi
See the IP Lists, MAC Lists, and Port Lists endpoints in the API Reference.
Schedules
Retrieve, add, update, and delete schedules
com.trendmicro.deepsecurity.api.SchedulesApi
See the Schedules endpoint in the API Reference.
Hosts (Computers)
Retrieve, add, update, delete a computer
com.trendmicro.deepsecurity.api.ComputersApi
See the Computers endpoint in the API Reference.
Assign or unassign a policy
com.trendmicro.deepsecurity.api.ComputersApi
See the Computers endpoint in the API Reference.
Get or set system settings at the computer level
com.trendmicro.deepsecurity.api.ComputersApi
See the Computers endpoint in the API Reference.
Activate, deactivate, lock, unlock computer
Not available
Retrieve computer status
com.trendmicro.deepsecurity.model.ComputersApi::computerStatus
See the Computers endpoint in the API Reference.
Retrieve computer events
Not available
Initiate security update or Agent upgrade
Not available
Groups (Computer Groups)
Retrieve, add, update, delete, and move a computer group
com.trendmicro.deepsecurity.api.ComputerGroupsApi
See the Computer Groups endpoint in the API Reference.
System
Get and set global system settings
com.trendmicro.deepsecurity.api.SystemSettingsApi
See the System Settings endpoint in the API Reference.
Retrieve system information
Not available
Retrieve system events
Not available
License
Retrieve and update license
Not available See the Licenses endpoint of the REST API.
Updates
Operations on Security Center customer accounts
Not available
Operations on security updates
Not available
Operations on agent or appliance software
Not available
Dashboard
Retrieve counters for dashboard widgets
Not available
Retrieve feature summary for the system
Not available
Retrieve an overall computer and alert status for the system
Not available
Tip
Tip
We encourage you to forward system and security events to an external Syslog server or security information and event management (SIEM) server. See Handle Events for System Monitoring and Reporting.

Related code examples

The following table lists some highly-used SOAP API endpoints and related code examples that the guides contain. Use the examples to formulate ideas about how you can translate your code to use the new API or SDK.
SOAP API endpoint
Server & Workload Protection API operation
Related code example
securityProfileRetrieve
Describe a Policy
securityProfileRetrieveByName
Search Policies, or Describe a Policy
IPListRetrieve
List Intrusion Prevention Rules
hostDetailRetrieve
List Computers
hostRetrieve
Describe a Computer
authenticate
N/A
securityProfileSave
Create a Policy Modify a Policy
securityProfileAssignToHost
Modify a Computer