~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Readme for Trend Micro (TM) Deep Security Agent 9.0 SP1 Solaris Platforms: Solaris 9 Sparc Solaris 10 Update 4/5/6 x86 64bit and Sparc Solaris 10 Update 7/8/9/10/11 x86 64bit and Sparc Solaris 11 x86 64bit and Sparc Date: May 21, 2013 Release: 9.0 SP1 Build Version: 9.0.0.2008, 9.0.0.2009 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This product is subject to the terms detailed in the click through license agreement and copied to the install directory. For more information about the Trend Micro suite of Deep Security products, visit our Web site at: http://us.trendmicro.com/us/solutions/enterprise/security-solutions/virtualization/deep-security/ Download the latest version of this readme from the "Software" page at the Trend Micro Download Center website: http://downloadcenter.trendmicro.com/ Trend Micro is always seeking to improve its documentation. If you have questions, comments, or suggestions about this or any other Trend Micro documents, please contact us at docs@trendmicro.com. Your feedback is always welcome. Contents =================================================================== 1. About Deep Security 9.0 SP1 1.1 Overview of This Release 1.2 Who Should Install This Release 1.3 Support Expiration Notice 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation/Un-installation 6. Known Incompatibilities 7. Known Issues 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement 13. Third Party Software =================================================================== 1. About Deep Security 9.0 SP1 ======================================================================== 1.1 Overview of This Release ===================================================================== Deep Security 9.0 SP1 contains a number of bug fixes as well as some new feature enhancements. 1.2 Who Should Install This Release ===================================================================== You should install the 9.0 SP1 release if you are currently running Deep Security 7.0, 7.5 or 8.0 1.3 Support Expiration Notice ===================================================================== Please refer to Trend Micro Download Center or Support website for Information about product support expiration notice. Please visit the Trend Micro Download Center website to download the latest releases at: http://downloadcenter.trendmicro.com/ 2. What's New ======================================================================== For major changes in Deep Security 9.0 from previously released versions of Deep Security, please read the "What's New in Deep Security 9 SP1" section of the Deep Security Manager on-line help, the Deep Security Administrator’s Guide or Deep Security Installation Guide, available for download from the Trend Micro Download Center. 2.1 Enhancements ===================================================================== Support for Solaris 11 (64-bit Sparc). 2.2 Resolved Known Issues ===================================================================== Issue 1: [TT231356, FB15414] An issue was identified in the Deep Security Agent (DSA) that allows direct access of user mode memory from kernel mode which resulted in access violation to cause system panic condition. This occurs when generation of a diagnostic package via DSM web console is requested. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This fix resolves this issue by preventing DSA's direct access of user mode memory from kernel mode. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [17008/TT252018] In some situations, it has been reported that the Integrity Monitoring/Anti-Malware scanning would cause 100% CPU usage. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: A hidden global setting for CPU usage control has been added to DSM to allow high/medium/low control of CPU usage for IM/AM scanning. Such setting applies to the following platforms: - Linux(TM) Red Hat(TM) 5 64-bit - AIX(TM) 5.3 - Solaris(TM) 10 Sparc ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This release includes all resolved issues that were resolved in Deep Security 8.0 SP2 except those explicitly listed in the section 7 "Known Issues in Deep Security Agent 9.0 SP1 - Solaris". 3. Documentation Set ======================================================================== In addition to this readme.txt, the documentation set for this product includes the following: o Deep Security 9.0 SP1 Installation Guide (IG) -- Provides product overview, deployment plan, installation steps and basic information intended to help you deploy Deep Security smoothly. o Deep Security 9.0 SP1 Administrator’s Guide (AG) -- Provides post-installation instructions on how to configure the settings to help you get Deep Security "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of Deep Security. o Readme files -- version enhancements, known issues, and release history. There is one readme for each installable Deep Security component: Manager, Agent (including Relay and Notifier), Virtual Appliance, and ESXi Filter Driver. Electronic versions of the manuals are available from the Trend Micro Download Center at: http://downloadcenter.trendmicro.com/ o Online help -- Context-sensitive help screens that provide guidance for performing a task. o TrendEdge is a program for Trend Micro employees, partners, and other interested parties that provides information on unsupported, innovative techniques, tools, and best practices for Trend Micro products. The TrendEdge database contains numerous documents covering a wide range of topics. http://trendedge.trendmicro.com o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 4. System Requirements ======================================================================== For a complete list of the System requirements, please refer to the "Deep Security 9.0 SP1 Installation Guide". 5. Installation/Un-installation ======================================================================== See the "Deep Security 9.0 SP1 Installation Guide" document available for download from the Trend Micro Download Center. 6. Known Incompatibilities ======================================================================== None. 7. Known Issues in Deep Security Agent 9.0 SP1 - Solaris ======================================================================== - Deep Packet Inspection (DPI)is not supported over SSL connections when using IPv6. - If you wish to use Point To Point Tunneling Protocol (PPTP) with Deep Security you must modify some of the advanced settings. Log in to Deep Security Manager and go to System Settings->Network Engine. Check the Advanced Settings check box and set the following: Filter IPV4 Tunnels: Disable detection of IPV4 Tunnels Maximum Tunnel Depth: 4 Action if Maximum Tunnel Depth Exceeded: Bypass Then click Save. [Deep Security 8.0 Tier 2-00200] - SYN Flood protection is only supported on versions 7.5 or earlier of the Windows Agents and on versions 7.5 or earlier of the Virtual Appliance. It is not supported on versions 7.5 SP1 or later of the Windows Agents or versions 7.5 SP1 or later of the Virtual Appliance. It is not supported on any versions of the Linux or Solaris Agents. - When installing pfil on Solaris, you may encounter the following error message during pkgadd: ## Executing postinstall script. grep: can't open "//etc/opt/pfil/iu.ap" This error message can be safely disregarded. - If you start the agent from a terminal session, the agent may stop when the terminal window is closed. You can prevent this by performing the following steps: 1) vi /etc/init.d/ds_agent 2) Change the line ds_agent –w /var/opt/ds_agent to nohup ds_agent –w /var/opt/ds_agent > /dev/null 2>&1 3) Save the file and restart the agent - If you have installed a version of libiconv from www.sunfreeware.com that is newer than version 1.8 you may see the following warning when installing the Solaris agent: WARNING: The package "libiconv from http://www.sunfreeware.com/" is a prerequisite package and should be installed. This message can be safely ignored. - If you have installed a version of libgcc from www.sunfreeware.com that is newer than version 3.4.6 you may see the following warning when installing the Solaris agent: WARNING: The package "libgcc from http://www.sunfreeware.com/" is a prerequisite package and should be installed. This message can be safely ignored. - During upgrade you may see an agent upgrade failed error. The system event will show: Processing package instance from pkgadd: ERROR: unable to make temporary directory This is caused by the pkgadd in Solaris creating an environment variable for the ds_agent process. To complete the upgrade, restart the ds_agent process on the Solaris machine and repeat the upgrade. The previous version of the ds_agent is still running and protecting the Solaris machine. - When the network engine is working in TAP mode and the in-guest agent is offline, the DSVA status will be “Stand By”. hen this occurs the DSVA is actually online and DPI/FW events will logged when rules are triggered. [10948] - Log Inspection events have a size limitation of 6000 characters. 8. Release History ======================================================================== 9.0.0.2009 May 21, 2013 9. Files Included in This Release ======================================================================== This release is a complete installation. Use one of the following files depending on the Solaris platform: Agent-Solaris_5.10_U5-9.0.0-2008.x86_64.pkg.gz Agent-Solaris_5.10_U5-9.0.0-2009.sparc.pkg.gz Agent-Solaris_5.10_U7-9.0.0-2008.x86_64.pkg.gz Agent-Solaris_5.10_U7-9.0.0-2009.sparc.pkg.gz Agent-Solaris_5.11-9.0.0-2008.x86_64.p5p.gz Agent-Solaris_5.11-9.0.0-2009.sparc.p5p.gz Agent-Solaris_5.9-9.0.0-2009.sparc.pkg.gz 10. Contact Information ======================================================================== A license to the Trend Micro software usually includes the right to product updates,pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our Web site. Global Mailing Address/Telephone Numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 11. About Trend Micro ======================================================================== Trend Micro, Inc. provides virus protection, anti-spam, and content-filtering security products and services. Copyright 2013, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Deep Security and "deep security solutions" are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ 13. Third Party Software ======================================================================== The 3rd party software is subject to the licenses available in the following directory: [INSTALL DIRECTORY]\Licenses Where 3rd party licenses require open access to their source code, Trend Micro will provide the necessary materials upon written request. ======================================================================== (C) 2013 Trend Micro Inc. All rights reserved. Published in Canada.