<<<>>> Trend Micro, Inc. November 18, 2014 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro (TM) Deep Security(TM) 9.0 Deep Security Manager 9.0 Service Pack 1 Critical Patch - Build 6818 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents =================================================================== 1. Overview of this Critical Patch Release 1.1 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation/Uninstallation 4.1 Installation 4.2 Uninstallation 5. Post-installation Configuration 6. Known Issues 7. Release History 7.1 Prior Hot Fixes 8. Contact Information 9. About Trend Micro 10. License Agreement =================================================================== 1. Overview of this Critical Patch Release ======================================================================= This critical patch resolves the following issue: Issue: An issue related to an SSLv2 hello protocol attribute prevents Deep Security Manager from deploying the Filter Driver on ESXi 5.0 or 5.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This critical patch resolves the issue related to the SSLv2 hello protocol attribute so that Deep Security Manager can successfully deploy the Filter Driver on ESXi 5.0 or 5.1. 1.1 Files Included in this Release ==================================================================== A. Files for Current Issues -------------------------------------------------------------------- Filename Build No. ----------------------------------------------------------------- Manager-Windows-9.0.6818.x64.exe 6818 (Microsoft(TM) Windows(TM) 64-bit) Manager-Linux-9.0.6818.x64.sh 6818 (Red Hat(TM) 6 64-bit) B. Files for Previous Issues -------------------------------------------------------------------- Not applicable. 2. Documentation Set ======================================================================= In addition to this readme.txt, the documentation set for this product includes the following: o Installation Guide (IG) -- Provides product overview, deployment plan, installation steps and basic information intended to help you deploy Deep Security smoothly. o User's Guide (UG) -- Provides post-installation instructions on how to configure the settings to help you get Deep Security "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of Deep Security. o Readme.txt files -- version enhancements, known issues, and release history. There is one readme for each installable Deep Security component: Manager, Agent, Virtual Appliance, and ESX Filter Driver. o Electronic versions of the documents are available at: http://downloadcenter.trendmicro.com/ o Online help -- Context-sensitive help screens available on the Deep Security Manager that provide guidance for performing a task. o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 3. System Requirements ======================================================================= Refer to the "Installation Guide" or release notes for a complete list of system requirements. 4. Installation/Uninstallation ======================================================================= 4.1 Installation ==================================================================== Refer to the "Installation Guide" in the following web site for the complete installation procedure: http://downloadcenter.trendmicro.com/ 4.2 Uninstallation ==================================================================== Refer to the "Installation Guide" in the following web site for the complete uninstallation procedure: http://downloadcenter.trendmicro.com/ 5. Post-installation Configuration ======================================================================= No post-installation steps are required. 6. Known Issues ======================================================================= There are no known issues for this critical patch release. For other known issues, please refer to the product release notes. 7. Release History ======================================================================= - Deep Security Manager 9.0 Service Pack 1 Patch 1 Build 9.0.5500, September 4, 2013 - Deep Security Manager 9.0 Service Pack 1 Patch 2 Build 9.0.6019, December 6, 2013 - Deep Security Manager 9.0 Service Pack 1 Patch 3 Build 9.0.6500, May 16, 2014 - Deep Security Manager 9.0 Service Pack 1 Patch 4 Build 9.0.6601, October 8, 2014 See the following web site for more information about updates to this product: http://www.trendmicro.com/download 7.1 Prior Hot Fixes ==================================================================== NOTE: Only the new hot fix was tested for this release. Prior hot fixes were tested at the time of their release. Hot Fix 6816 (November 13, 2014) Issue: In the Deep Security multi-tenancy environment, when users add vCenter to T0 and vCloud to TN, Deep Security Virtual Appliances under T0 cannot be activated. This happens because the host job scheduler encounters an exception while loading the host agent checking tasks which prevents the scheduler from loading the host activation task. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hot fix prevents the exception so that Deep Security Virtual Appliances can be activated successfully under the scenario described above. Hot Fix 6814 (November 6, 2014) Issue 1: Agent-Initiated or Manager-Initiated Recommendation Scans do not work on endpoints running Microsoft(TM) Windows(TM) Azure(TM) because Windows Azure disconnects the connection between Deep Security Manager and Deep Security Agent when the connection becomes idle for more than four minutes. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hot fix adds the following registry keys to enable the Keep-Alive socket option which can prevent Windows Azure Endpoints from disconnecting the connection between Deep Security Manager and Deep Security Agent when the connection becomes idle for more than four minutes. Path: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\ Parameters Name: KeepAliveTime Type: REG_DWORD Default Value: 0x6DDD00 (7,200,000 milliseconds = 2 hours) Path: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\ Parameters Name: KeepAliveInterval Type: REG_DWORD Default Value: 0x3E8 (1,000 milliseconds = 1 second) This helps ensure that Agent-Initiated or Manager- Initiated Recommendation Scans work on endpoints running Windows Azure. Issue 2: Tenant events are not deleted according to the "Data Pruning" setting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hot fix ensures that the Deep Security Manager maintenance job deletes child tenant events according to the "Data Pruning" setting. Issue 3: The descriptions of the "Fragment Timeout" and "Maximum number of fragmented IP packets to keep" fields are incorrectly translated to Chinese or Japanese. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hot fix ensures that the descriptions are properly translated to Japanese and Chinese. Critical Patch 6803 (October 23, 2014) Issue: An issue with the SSLv3 protocol triggers a certain vulnerability in Deep Security Manager 9.0 Service Pack 1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This critical patch enables Deep Security Manager 9.0 Service Pack 1 web servers to accept only TLSv1.0 connections and prevents these from accepting SSLv3 connections to prevent the vulnerability. 8. Contact Information ======================================================================= A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our web site. Global Mailing Address/Telephone numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 9. About Trend Micro ======================================================================= Trend Micro Incorporated, a global leader in Internet content security and threat management, aims to create a world safe for the exchange of digital information for businesses and consumers. A pioneer in server-based antivirus with over 20 years experience, we deliver top-ranked security that fits our customers’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the Trend Micro Smart Protection Network(TM) infrastructure, our industry-leading cloud-computing security technology and products stop threats where they emerge, on the Internet, and are supported by 1,000+ threat intelligence experts around the globe. For additional information, visit www.trendmicro.com. Copyright 2014, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Smart Protection Network, and Deep Security are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ======================================================================= More information about your license agreement with Trend Micro and Third-party licensing agreements can be found in the release notes.