~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Readme for Trend Micro (TM) Deep Security(TM) Manager 8.0 Service Pack 2 Patch 2 Platforms: Microsoft(TM) Windows(TM) 2008 Server (32-bit and 64-bit), Windows 2008 Server R2 (64-bit), Windows 2003 Server SP2 (32-bit and 64-bit), Windows 2003 Server R2 Service Pack 2 (32-bit and 64-bit), Red Hat(TM) Enterprise Linux(TM) 5 (64-bit), Red Hat Enterprise Linux 6 (64-bit) Not Supported: Red Hat Enterprise Linux Xen Hypervisor (Domaino) Date: January 24, 2014 Release: 8.0 Service Pack 2 Patch 2 Build Version: 8.0.4136 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This product is subject to the terms detailed in the click through license agreement and copied to the install directory. For more information about the Trend Micro suite of Deep Security products, visit our web site at: http://us.trendmicro.com/us/solutions/enterprise/security-solutions/ virtualization/deep-security/ Download the latest version of this readme from the "Software" page at the Trend Micro Download Center web site http://downloadcenter.trendmicro.com/ Trend Micro certifies Deep Security Manager on the Red Hat Linux platform, customers who choose to deploy the Manager on the CentOS latform should be aware that although binary-compatible, Trend Micro does not test this platform during the release process. Trend Micro will support issues found on CentOS provided that these issues are not specific to that platform. Issues that are common to both Red Hat and CentOS platforms will follow the standard support process. Trend Micro is always seeking to improve its documentation. If you have questions, comments, or suggestions about this or any other Trend Micro documents, please contact us at docs@trendmicro.com. Your feedback is always welcome. Contents =================================================================== 1. About Deep Security Manager 8.0 Service Pack 2 Patch 2 1.1 Overview of this Release 1.2 Who Should Install this Release 1.3 Support Expiration Notice 1.4 Upgrade Notice 2. What's New 3. Documentation Set 4. System Requirements 5. Known Incompatibilities 6. Known Issues 7. Release History 8. Files Included in this Release 9. Contact Information 10. About Trend Micro 11. License Agreement 12. Third Party Software =================================================================== 1. About Deep Security Manager 8.0 Service Pack 2 Patch 2 ======================================================================== 1.1 Overview of this Release ===================================================================== Deep Security Manager 8.0 Service Pack 2 Patch 2 resolves several issues in version 7.0, 7.5, and 8.0 For major changes in Deep Security 8.0 Service Pack 2 from previously-released versions of Deep Security Manager, please read the "What's New in 8.0" section of the Deep Security "Administrator's Guide" or Deep Security Manager on-line help, available for download from the Trend Micro Download Center. 1.2 Who Should Install this Release ===================================================================== You should install this release if you are currently running Deep Security Manager 7.5 or 8.0 Service Pack 2. All new Deep Security users should install this version. 1.3 Support Expiration Notice ===================================================================== Deep Security Manager 8.0 Service Pack 2 Patch 2 supports upgrades from version 7.5 and 8.0 and does not support upgrades from version 6.1 and any older versions. Trend Micro strongly recommends upgrading to the most recent version to take full advantage of new features and improved performance. Please visit the Trend Micro Deep Security Center web site to download the latest releases at: http://downloadcenter.trendmicro.com/ 1.4 Upgrade Notice ===================================================================== If you are currently using Deep Security 7.5 with the Deep Security Virtual Appliance and you are intending to upgrade to Deep Security 8.0 Service Pack 2 Patch 2, please read the "Upgrading from Deep Security 7.5 in a VMware vSphere 4 Environment" section of the Deep Security 8.0 "Getting Started" and "Installation Guide". Refer to the VMware documentation for upgrading your VMware environment including the KB article on the VMware website. Unmanaged vShield Endpoint 1.0 components remain after upgrading vShield Manager from version 4.1 to 5.0 (http://kb.vmware.com/kb/2011482) 2. What's New ======================================================================== 2.1 Enhancements ===================================================================== There are no enhancements for this Patch. 2.2 Resolved Known Issues ===================================================================== Deep Security Manager Service Pack 2 Patch 2 resolves the following issues: Issue 1: The Deep Security Manager 8.0 console's vCenter synchronization breaks when the vCenter is structured with a vApp containing a Resource Pool that has a virtual machine. When this happens, the virtual machine do not appear on the Deep Security Manager 8.0 console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hot fix resolves this issue by fixing a synchronization issue in vApp. Issue 2: An error occurs when users attempt to generate "Summary Reports" on Red Hat for Linux 6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hot fix makes the report template name field case-sensitive which resolves the issue. Issue 3: When the user configure the SSL certificate for Deep Packet Inspection (DPI), the DNS resolution fails if the given host name is in the [hostname]:[port] format. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Patch enables Deep Security Manager to support the host names in the [hostname]:[port format. Issue 4: The log retention period for the event pruning feature is limited to 52 weeks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Patch extends the log retention period for the event pruning feature to 53 weeks for QSA audit for PCI compliance and the filter constraint for recurring report tasks to 53 weeks or 13 months to allow report generation based on the data from last 53 weeks or 13 months. Issue 5: On the "Updates" page, 10.xx.xxx antivirus patterns and engines appear as out-of-date. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Patch fixes the floating point comparison variable data type that represents the pattern/engine version number so that the correct status appears on the "Updates" page. Issue 6: If you import 8.0 Service Pack 2 version of the filter driver to Deep Security Manager 8.0 Service Pack 2, version 9.0 of the filter driver will also appear on the "Updates" page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This Patch resolves a logic issue in comparing major version numbers to ensure that only the relevant filter driver versions appear on the "Updates" age. Issue 7: After migrating Deep Security Manager, some role rights may be granted "view" permissions by mistake. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This Patch enables Deep Security Manager to check the version number before migrating role rights to ensure that it only migrates role rights when necessary. Issue 8: When a virtual machine's network is bonded, Deep Security Manager generates the wrong network interface change event. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This Patch adds a name-matching mechanism to the host command handler of Deep Security Manager to enable it to handle a virtual machine's interface bonding/bridge configuration correctly. This can help ensure that Deep Security Manager generates the correct network interface change event when a virtual machine's network is bonded. This solution requires users to install a related hot fix to Deep Security Agent to resolve the issue completely. 3. Documentation Set ======================================================================== In addition to this readme, the documentation set for this product includes the following: o Deep Security 8.0 Getting Started and Installation Guide (IG) -- Provides product overview, deployment plan, installation steps and basic information intended to help you smoothly deploy Deep Security. o Deep Security 8.0 Administrator’s Guide (AG) -- Provides post-installation instructions on how to configure the settings to help you get Deep Security "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of Deep Security. o Readme files -- version enhancements, known issues, and release history. There is one readme for each installable Deep Security component: Manager, Agent (including Relay and Notifier), Virtual Appliance and ESX Filter Driver. o Electronic versions of the manuals are available from the Trend Micro Download Center at: http://downloadcenter.trendmicro.com/ o Online help -- Context-sensitive help screens that provide guidance for performing a task. o TrendEdge is a program for Trend Micro employees, partners, and other interested parties that provides information on unsupported, innovative techniques, tools, and best practices for Trend Micro products. The TrendEdge database contains numerous documents covering a wide range of topics. http://trendedge.trendmicro.com o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 4. System Requirements ======================================================================== For a complete list of the System requirements, please refer to the Deep Security 8.0 "Installation Guide". 5. Known Incompatibilities ======================================================================== - Deep Security Manager 8.0 does not support Windows Vista. 6. Known Issues ======================================================================== 6.1 Known Issues in Deep Security Manager 8.0 Service Pack 2 ===================================================================== - When you enter a license key for Deep Security, that license will override any license that you have previously entered. This applies to features as well as the period of time for which the license is valid. This means it is possible to enter a new license which will cause you to lose protection that was previously enabled. [TT Tier 200066, 67 and 68] - The Autotagging feature has been moved to the event page for each Deep Security component. If you wish to enable autotagging of an event: a. Log on to Deep Security Manager. b. Go to the event page and click the "AutoTagging" button. [Deep Security 8.0 Tier 2-00244] - If you deploy the Deep Security Relay while installing Deep Security Manager on a virtual device within an ESX host, the Deep Security Relay appears as a machine in the "Computers" section. If you connect to vCenter and sync assets, the Deep Security Manager and Relay computer will appear as unmanaged and you will not be able to activate the computer because it is already registered as a protected computer. To resolve this issue, uninstall Deep Security Relay, remove the computer, and re-install the Deep Security Relay. [FB 13542] - While generating a report, the "save as" dialog that pops up shows the default extension as ".screen" when the correct extension for the format type chosen is ".rtf" or ".pdf". [Deep Security 8.0 SP2-00023] - Because the Deep Security Relay server does not support a component rollback, if a rollback is performed on a Deep Security Relay, the components listed in the Deep Security Manager may not match the actual versions available on the Deep Security Relay Server. The next update of components will re-synch the component versions displayed in Deep Security Manager. [Deep Security 8.0 Tier 2-00180] - The Trend Micro Filter Driver provided by Trend Micro is in a different format from the Trend Micro Filter Driver provided by VMware using the VMware Update Manager. If you wish to deploy the Filter Driver from Deep Security Manager, you must use the one from the Trend Micro Download Center. [Deep Security 8.0 Tier 2-00043] - When specifying directory exclusion lists for use on Linux Deep Security Agents, the path must include the trailing slash "/". For example "/tmp" is invalid, but "/tmp/" is valid. [Deep Security 8.0 Tier 2-00243] - When generating a report, the default report filename will be automatically truncated by the Microsoft Internet Explorer(TM) 7 browser (JP). [Deep Security 8.0 L10n-00025] - Environment variables for Anti-Malware Exclusions are only supported for Windows platforms and not on Linux platforms. [Deep Security 8.0 Tier 2-00234] - Deep Security Manager will silently discard Web Reputation URLs that exceed 2000 characters in the block or allow fields. [Deep Security 8.0-01181] - Deep Security Manager does not support License updates or connecting to the Trend Micro Certified Safe Software Service using a SOCKS proxy. These two features will work with an HTTP proxy only. [Deep Security 8.0-1024] - You may encounter the following error when you deploy and activate a version 7.5 Deep Security Virtual Appliance for the first time: The product has passed invalid parameters to ActiveUpdate. Please contact your Trend Micro technical support provider. If this occurs, clear the errors/warnings on the affected host and run another component update. [Deep Security 8.0-00546] - In some instances, after the Deep Security Manager is installed or upgraded, the Deep Security Manager web console cannot be accessed. If this occurs, restarting the Deep Security Manager service resolves the issue. [Deep Security 8.0-00653] - On the "Security Profiles" page of Deep Security Manager, you cannot sort the contents of the "AntiMalware Status Light" and the "Web Reputation Status Light" columns successfully. [Deep Security 8.0 Tier 2-00009] - In certain cases, you may encounter the following message when you use the "dsm_s stop" command on Linux to stop the Deep Security Manager services. Timeout. Daemon did not shutdown yet. "Dsm_s" is based on install4j with a timeout value of 15 seconds which cannot be changed. However, the Deep Security Manager may take longer than 15 seconds to shut down. To ensure the service shuts down successfully, use the "ps –ef | grep DSMService" command instead. [Deep Security 8.0-00095] - Air-gapped Relays will still try to contact an update server to check for updates. To avoid update failure alerts, set the Relay to use itself as an update source by performing the following procedure: a. In the Relay’s "Details" window, go to "System > System Settings > Updates". b. In the "Relays" area, select "Other Update Source:" and enter "https://localhost:4122". c. Click "Save". [Deep Security 8.0-1124] - If an ESX with an installed vShield Endpoint driver is removed from its vCenter, the Deep Security Manager will not detect the installed driver if the ESX is later re-added to the vCenter. As a result, anti-malware will not be enabled in virtual machines that are newly protected by Deep Security Virtual Appliance. To work around this, uninstall and reinstall the driver through the vShield Manager. [Deep Security 8.0-01036] - The default value for "whois" in Deep Security cannot be resolved properly. If you wish to use the "whois" feature, you can modify the URL to use an appropriate server. [Deep Security 8.0-01248] - DPI is not supported over SSL connections when using IPv6. - The Anti-malware scan inclusion/exclusion directory settings are sensitive to forward slash "/" and backslash "\". For use with Windows operating systems, the inclusion/exclusion paths must use the backslash "\". [7.5 SP2-00231] - When creating custom Integrity Monitoring rules using the "RegistryKeySet" tag, the attribute values must be in uppercase letters. For example, Using lowercase may result in an "Integrity Monitoring Rule Compile Issue" error. [7.5 SP2-00171] - The anti-malware scan for a network shared folder is only supported in real time scan. It will not work with manual scans or scheduled scans. [7.5-00012] - If a CD or a mounted ISO file contains malware, and the anti-malware configuration is set to "Delete" upon detection, Deep Security Manager will still report that the file has been "deleted" in the events log even though it was not deleted and could not be deleted. [7.5-00010] - The file names reported in Deep Security Manager anti-malware events do not match the original filenames for the malware found in the Recycle Bin. [7.5-00023] - During upgrades on some platforms, the Deep Security Manager service may not be installed properly if the "Services" screen is open. Trend Micro recommends closing the "Services" screen before installing or upgrading Deep Security Manager. - If you receive a "java.lang.OutOfMemoryError" error while installating Deep Security Manager, please refer to the "Installation Guide" for instructions on how to configure the maximum memory usage for the installer. - During upgrades, if you receive a message stating that the Manager cannot start the service, restarting the computer will usually resolves the issue. In rare cases, you may need to run the installer again in "Upgrade/Repair" mode after restarting. - If the Windows Firewall is enabled on the Deep Security Manager, it may interfere with port scans and cause false port scan results. Windows Firewall may proxy ports 21, 389, 1002, and 1720 resulting in these ports always appearing open regardless of any filters placed on the computer. - By default Microsoft Exchange(TM) 2000 and later servers will dynamically assign a non-privileged port (1024-65535) for communications between the client and the server for the System Attendant, Information Store, and Name Service Provider Interface (NSPI) services. If you will be using the Exchange Server profile with an Exchange 2000 or later server then you should configure these services to use static ports as described in the article "Exchange 2000 and Exchange 2003 static port mappings" (http://support.microsoft.com/?kbid=270836). Once static ports have been configured you should extend the appropriate Exchange Server port list to include the ports that have been assigned to these services. You may also want to set the "No RFR Service" registry setting to "1" to prevent the Exchange server from referring clients to the domain controller for address book information. See the article "How Outlook 2000 Accesses Active Directory" (http://support.microsoft.com/?kbid=302914) for more information. Alternatively, it is possible to configure Exchange RPC to run over HTTPS if you are using Microsoft Outlook(TM) 2003 on Windows XP SP2 or later with Exchange Server 2003. In this case, only port 443 needs to be added to the Exchange port list. - The "Recommendation" alert may occur on some computers even after all recommended DPI, Integrity, and Log Inspection Rules have been applied. This may occur because there are Application Types that are recommended for a computer, but all DPI Rules within the Application Type are not recommended. To remove the alert, you can use the "Show All" view of the "DPI Rules" screen for the computer and ensure all recommended Application Types are assigned, or after verifying you have assigned all recommended rules for the computer, you can simply dismiss the alert. [8345] - If Deep Security Manager cannot connect to vCenter for an extended period of time, you may notice certain errors constantly being raised and resolved on Deep Security Virtual Appliance virtual machines, particularly the "Interfaces Out of Sync" error. In general, when Deep Security Manager is integrated with vCenter, it must maintain constant connectivity with vCenter in order to properly provide protection to the environment. When connectivity is broken, Deep Security Manager will not be able to respond to the dynamic environment and issues like this can occur. The solution is to ensure that connectivity between Deep Security Manager and vCenter is always maintained. [10564] - When a virtual machine is migrated from one Deep Security Virtual Appliance protected ESX to another, and if that virtual machine currently has warnings or errors associated with it for example "Reconnaissance Detected", those errors may be inadvertently cleared during the migration. [10602] - Log Inspection events have a size limitation of 6000 characters. 7. Release History ======================================================================== - 8.0.2125 March 12, 2012 - 8.0.2224 April 30, 2012 - 8.0.2238 August 17, 2012 - 8.0.4100 January 9, 2013 (Service Pack 2) - 8.0.4126 June 14, 2013 (Patch 1) Hot Fix 4132 Issue: The DNS resolution fails when users specify a host name in the "[hostname]:[port]" format while configuring the SSL certificate for DPI inspection. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hot fix enables Deep Security Manager to support host names in the "[hostname]:[port]" format. Hot Fix 4131 Issue: After upgrading the Deep Security Manager from version 7.5 Service Pack 4 to any later version, some user rights change unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hot fix ensures that only the mechanisms applicable to the current Deep Security Manager version are triggered during upgrades. This can help prevent user rights from changing unexpectedly after version upgrades. Hot Fix 4130 Issue 1: An error occurs when users attempt to generate "Summary Reports" on Red Hat Linux 6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hot fix makes the report template name field case-sensitive which resolves the issue. Issue 2: In the "vCenter properties" page, the "Add/Update Certificate..." button is greyed-out when the account user name contains special characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hot fix resolves this issue by fixing a synchronization issue in vApp. Hot Fix 4128 Issue: The Deep Security Manager 8.0 console's vCenter synchronization breaks when the vCenter is structured with a vApp containing a Resource Pool that has a virtual machine. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hot fix resolves this issue by fixing a synchronization issue in vApp. Hot Fix 4124 Issue 1: When users specify a criterion to search for firewall events using the Advanced Search feature on the Deep Security Manager console, the events that appear on the search results do not match the criterion. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hot fix adds newly-defined GUIDs for the packet filter which ensures that the Advance Search feature works properly. Issue 2: Users are not warned when they specify an invalid hostname in the "Appliance Hostname" field on the "Deploy Deep Security Virtual Appliance" wizard. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hot fix enables Deep Security Manager to use the server-based Regex validation instead of the redundant browser-based Regex validation which helps ensure that Deep Security Manager can properly identify invalid hostnames. Issue 3: Users who do not have the proper permissions can still perform updates and rollback components. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hot fix ensures that only users who have the required permissions can update and rollback components. Issue 4: The number of managed computers in the "Updates > Deep Security Rule Update" section of the Deep Security Manager console is incorrect. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hot fix ensures that the correct information appears "Updates > Deep Security Rule Update" section of the Deep Security Manager console. Hot Fix 4119 Issue: The status text and light icon on Deep Security Manager behave abnormally after vMotion runs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hot fix ensures that the status text and light icon function normally. Hot Fix 4118 Issue 1: Deep Packet Inspection rules are assigned automatically even though the application type is excluded from the "scanning for the recommendations" rule. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: After applying this hot fix, Deep Packet Inspection rules are no longer listed in the recommendations if the application type is excluded from the "scanning for the recommendations" rule. Issue 2: A database error occurs during a scheduled synchronization of the Deep Security Manager Directory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hot fix ensures that scheduled Deep Security Manager Directory synchronization tasks can run successfully. Issue 3: Old log data are sent to the syslog server and keeps the Deep Security Manager database busy. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hot fix prevents the log processing function from sending old logs to the syslog server when a database query exception happens. Issue 4: Users who do not have the proper permissions can still perform updates and rollback components. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hot fix ensures that only users who have the required permissions can update and rollback components. Issue 5: The "System Events" page takes a long time to load. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This hot fix ensures that the "System Events" page loads normally. Issue 6: It may take a long time to export Deep Security Manager events with descriptions from the Deep Security Manager "System Events" page which can cause the console to stop responding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This hot fix resolves a table lock issue to improve the performance and stability of Deep Security Manager while exporting events from the "System Events" page. Issue 7: The pages of the Deep Security Manager console load slowly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This hot fix ensures that the pages load faster. Issue 8: Virtual agents create excessive database entries which slow down the computer's performance. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This hot fix prevents virtual agents from creating excessive entries in the database for the Antimalware and Web Reputation functionality. This resolves the issue NOTE: After upgrading you will need to manually dismiss all Antimalware and Web Reputation alerts once to completely resolve this issue. Issue 9: Out-of-sync events are reported in Deep Security Manager after users reconfigure events on vCenter. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This hot fix resolves this issue. Issue 10: Deep Security Appliance reports a "interface out of sync" status for some virtual machines and then reports that the interface is in-sync after a while. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This hot fix ensures that the Deep Security Appliance reports the correct status of virtual machines. 8. Files Included in this Release ======================================================================== This release is a complete installation. Use one of the following files: - Manager-Windows-8.0.xxxx.i386.exe (32-bit) - Manager-Windows-8.0.xxxx.x64.exe (64-bit) - Manager-Linux-8.0.xxxx.x64.sh (64-bit) 9. Contact Information ======================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our web site. Global Mailing Address/Telephone Numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Trend Micro" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 10. About Trend Micro ======================================================================== Trend Micro, Inc. provides virus protection, anti-spam, and content-filtering security products and services. Copyright 2014, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Deep Security and, "deep security solutions" are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 11. License Agreement ======================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ 12. Third Party Software ======================================================================== Deep Security Manager employs the use of 3rd party binary distributions. The binary distributions are subject to the licenses available in the following directory: [INSTALL DIRECTORY]\licenses Where 3rd party licenses require open access to their source code, Trend Micro will provide the necessary materials upon written request. For more information on the 3rd party binary distributions and access to source code see the following locations: Apache Commons: http://commons.apache.org Axis: http://ws.apache.org/axis/ BeanShell: http://www.beanshell.org/ Bouncy Castle: http://www.bouncycastle.org/ CSVWriter: http://www.osjava.org/genjava/license.html Derby: http://db.apache.org/derby/ iText: http://www.lowagie.com/iText/index.html Jasper: http://jasperforge.org/plugins/project/ project_home.php?group_id=102 Java: http://www.sun.com/java/ JavaMail API: http://java.sun.com/products/javamail/ JAX-RPC: https://jax-rpc.dev.java.net/ JCommon: http://www.jfree.org/jcommon/ JFreeChart: http://www.jfree.org/jcommon/ JExcel API: http://jexcelapi.sourceforge.net/ JTDS: http://jtds.sourceforge.net/ JUnit: http://www.junit.org/ MD5Crypt: http://www.mackman.net/code/MD5Crypt.java Oracle JDBC: http://www.oracle.com/technology/tech/java/ sqlj_jdbc/index.html SAAJ: https://saaj.dev.java.net/ SNMP4J: http://www.snmp4j.org/ Tomcat: http://tomcat.apache.org/ VMware SDK: http://www.vmware.com/support/developer/vc-sdk/ WBEM Services: http://wbemservices.sourceforge.net/ WSDL4J: http://sourceforge.net/projects/wsdl4j Xalan: http://xml.apache.org/xalan-j/ Xerces: http://xerces.apache.org/xerces2-j/ XML Commons: http://xml.apache.org/commons/ ======================================================================== (C) 2014 Trend Micro Inc. All rights reserved. Published in Canada.