<<<>>> Trend Micro, Inc. November 18, 2014 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro (TM) Deep Security(TM) 9.5 Deep Security Manager 9.5 Critical Patch - Build 2461 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents =================================================================== 1. Overview of this Critical Patch Release 1.1 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation/Uninstallation 4.1 Installation 4.2 Uninstallation 5. Post-installation Configuration 6. Known Issues 7. Release History 7.1 Prior Hot Fixes 8. Contact Information 9. About Trend Micro 10. License Agreement =================================================================== 1. Overview of this Critical Patch Release ======================================================================= This critical patch resolves the following issues: Issue 1: An issue related to an SSLv2 hello protocol attribute prevents Deep Security Manager from deploying the Filter Driver on ESXi 5.0 or 5.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This critical patch resolves the issue related to the SSLv2 hello protocol attribute so that Deep Security Manager can successfully deploy the Filter Driver on ESXi 5.0 or 5.1. -------------------------------------------------------------------- Issue 2: When Deep Security Manager responds to URL requests, the response contain the Deep Security Manager web server type and version information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This critical patch removes the server type and version information from the "server.xml" parameter that Deep Security Manager uses to respond to URL requests so that these information do not appear in the URL request responses. -------------------------------------------------------------------- Issue 3: An issue with the SSLv3 protocol triggers a certain vulnerability in Deep Security Manager 9.5. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This critical patch enables Deep Security Manager 9.5 web servers to accept only TLSv1.0 connections and prevents these from accepting SSLv3 connections to resolve the vulnerability. -------------------------------------------------------------------- Issue 4: Amazon Web Services (AWS) added the Frankfurt Region which is not currently supported in Deep Security Manager 9.5. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This critical patch enables Deep Security Manager 9.5 to support the AWS Frankfurt Region. 1.1 Files Included in this Release ==================================================================== Manager-Windows-9.5.2461.x64.exe (Microsoft(TM) Windows(TM) 64-bit) Manager-Linux-9.5.2461.x64.sh (Red Hat(TM) 6 64-bit) 2. Documentation Set ======================================================================= In addition to this readme.txt, the documentation set for this product includes the following: o Installation Guide (IG) -- Provides product overview, deployment plan, installation steps and basic information intended to help you deploy Deep Security smoothly. o User's Guide (UG) -- Provides post-installation instructions on how to configure the settings to help you get Deep Security "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of Deep Security. o Readme.txt files -- version enhancements, known issues, and release history. There is one readme for each installable Deep Security component: Manager, Agent, Virtual Appliance, and ESX Filter Driver. o Electronic versions of the documents are available at: http://downloadcenter.trendmicro.com/ o Online help -- Context-sensitive help screens available on the Deep Security Manager that provide guidance for performing a task. o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 3. System Requirements ======================================================================= Refer to the "Installation Guide" or release notes for a complete list of system requirements. 4. Installation/Uninstallation ======================================================================= 4.1 Installation ==================================================================== Refer to the "Installation Guide" in the following web site for the complete installation procedure: http://downloadcenter.trendmicro.com/ 4.2 Uninstallation ==================================================================== Refer to the "Installation Guide" in the following web site for the complete uninstallation procedure: http://downloadcenter.trendmicro.com/ 5. Post-installation Configuration ======================================================================= No post-installation steps are required. 6. Known Issues ======================================================================= There are no known issues for this critical patch release. For other known issues, please refer to the product release notes. 7. Release History ======================================================================= Deep Security 9.5 Build 9.5.2456, August 18, 2014 See the following web site for more information about updates to this product: http://www.trendmicro.com/download 7.1 Prior Hot Fixes ==================================================================== NOTE: Only the new hot fix was tested for this release. Prior hot fixes were tested at the time of their release. Hot Fix 2460 (November 15, 2014) Issue: When you add more than one NIC to an existing guest virtual machine (VM), vCenter will update the IP address list in a last-in first-out (LIFO) pattern. When Deep Security Manager queries vCenter, vCenter will provide the most recently-added IP address for each guest VM. If the IP address and the corresponding NIC card is not accessible from Deep Security Manager or vCenter at that time, the corresponding guest VM status will be "offline". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hot fix allows users to specify a preferred IP address for each guest VM through the "settings.configuration.preferredGuestVMIpAddress" parameter. Deep Security Manager will always use this preferred IP address to connect to a guest VM with multiple IP addresses and NICs. This helps ensure that Deep Security Manager can always connect to Deep Security Agent even when the NIC changes as long as the specified IP address is correct. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure: To add or change the preferred IP address for a guest VM: a. Install this hot fix (see "Installation"). b. Log on to Deep Security Manager. c. Open a command prompt and navigate to "C:\ProgramFiles\TrendMicro\Deep Security Manager". d. Run the following command in a single line: To specify the preferred IP address for a VM: dsm_c.exe -action makesetting -name settings.configuration.preferredGuestVMIpAddress -computername AgentComputerHostNameHere -value IpAddressYouwantHere To change the preferred IP address for a VM: dsm_c.exe -action changesetting -name settings.configuration.preferredGuestVMIpAddress -computername AgentComputerHostNameHere -value IpAddressYouwantHere Note: Change "AgentComputerHostNameHere" to the VM's computer name and "IpAddressYouwantHere" to the preferred IP address. 8. Contact Information ======================================================================= A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our web site. Global Mailing Address/Telephone numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 9. About Trend Micro ======================================================================= Trend Micro Incorporated, a global leader in Internet content security and threat management, aims to create a world safe for the exchange of digital information for businesses and consumers. A pioneer in server-based antivirus with over 20 years of experience, we deliver top-ranked security that fits our customers' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the Trend Micro Smart Protection Network(TM) infrastructure, our industry-leading cloud-computing security technology and products stop threats where they emerge, on the Internet, and are supported by 1,000+ threat intelligence experts around the globe. For additional information, visit www.trendmicro.com. Copyright 2014, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Smart Protection Network, and Deep Security are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ======================================================================= More information about your license agreement with Trend Micro and Third-party licensing agreements can be found in the release notes.