~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Readme for Trend Micro (TM) Deep Security Filter Driver 9.5 Service Pack 1 Patch 1 Platforms: ESXi 5.5 (non-NSX), 5.1, 5.0 Date: July 31, 2015 Release: 9.5 SP1 Patch 1 Build Version: 9.5.3-4000 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This product is subject to the terms detailed in the license agreement and copied to the install directory. For more information about the Trend Micro suite of Deep Security products, visit our website at: http://us.trendmicro.com/us/solutions/enterprise/security-solutions/ virtualization/deep-security/ Download the latest version of this readme from the "Software" page at the Trend Micro Download Center website: http://downloadcenter.trendmicro.com/ Trend Micro is always seeking to improve its documentation. If you have questions, comments, or suggestions about this or any Trend Micro documents, please contact us at docs@trendmicro.com. Your feedback is always welcome. Contents =================================================================== 1. About Deep Security 9.5 Service Pack 1 1.1 Overview of This Release 1.2 Who Should Install This Release 1.3 Upgrade Notice 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation/Uninstallation 6. Known Incompatibilities 7. Known Issues in Deep Security Filter Driver 9.5 SP1 Patch 1 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement =================================================================== 1. About Deep Security 9.5 Service Pack 1 Patch 1 ======================================================================== 1.1 Overview of This Release ===================================================================== Deep Security 9.5 SP1 Patch 1 contains a number of bug fixes as well as new feature enhancements. For a complete list of the major changes in Deep Security 9.5 SP1 Patch 1 from previously released versions of Deep Security, please see the "Enhancements" section of the online help or the Administrator's Guide, available for download from the Trend Micro Download Center. 1.2 Who Should Install This Release ===================================================================== You should install this release if you are currently running Deep Security 8.0, 9.0 or 9.5 . All new Deep Security users should install Deep Security 9.5 SP1 Patch 1. 1.3 Upgrade Notice ===================================================================== Upgrade the Deep Security Filter Driver to SP1 Patch 1 build 9.5.3.4000 prior to upgrading the Deep Security Virtual Appliance to 9.5 SP1 Patch 1 on non-NSX environments. Engine offline errors will occur if you upgrade the Deep Security Virtual Appliance before upgrading the Filter Driver. 2. What's New ======================================================================== 2.1 Enhancements ===================================================================== This release adds following enhancements: Enhancement 1: [29018/29234/29019/29311/29312] The Deep Security Network Engine has been enhanced to handle Maximum TCP/UDP connections. This drastically reduced the Out of Connection issues found in heavy load environments. The connection cleanup methodology has been improved to handle idle connections and new connection requests. Event Aggregation is now performed for same events appearing in the Deep Security Manager console to avoid event flooding and filling up the database space. The same events are now aggregated in multiple of hundreds, under Repeat Counter columns. Enhancement 2: This Release contains improvements in TCP/IP connection handling to eliminate the potential under certain conditions for evasion of IDS/IPS (Intrusion Prevention) functionality. These improvements do not affect Firewall functionality. 2.2 Resolved Known Issues ===================================================================== This release resolves the following issues: Issue: [28252] When an ESXi server was out of memory, it could produce a purple error code screen. Solution: This issue has been fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue: [26571/TT31298] The Deep Security 9.5 Host displayed a purple error code screen due to a DV filter that crashed because of mishandled IPv6 extension headers. Solution: This issue has been fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue: [29454] For any incoming TCP packet without a connection, if a FIN packet was sent from an endpoint, the packet was dropped as expected, but the event was not logged into Deep Security Manager. Solution: The issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 3. Documentation Set ======================================================================== In addition to this readme.txt, the documentation set for this product includes the following: o Deep Security 9.5 SP1 Installation Guides (IG) -- Provides product overview, deployment plan, installation steps and basic information intended to help you smoothly deploy Deep Security. The following Installation Guides are available in Trend Micro Download Center: Deep_Security_95_SP1_Install_Guide_basic_EN.pdf Deep_Security_95_SP1_Install_Guide_cloud_EN.pdf Deep_Security_95_SP1_Install_Guide_nsx_EN.pdf Deep_Security_95_SP1_Install_Guide_vmsafe_EN.pdf o Deep Security 9.5 SP1 Administrator's Guide (AG) -- Provides post-installation instructions on how to configure the settings to help you get Deep Security "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of Deep Security. (All the content of the Administrator's Guide can be found in the Deep Security Manager's online help.) o Readme.txt files -- version enhancements, known issues, and release history. There is one readme for each installable Deep Security component: Manager, Agent, Virtual Appliance, and ESX Filter Driver. Electronic versions of the manuals are available from the Trend Micro Download Center at: http://downloadcenter.trendmicro.com/ o Online help -- Context-sensitive help screens that provide guidance for performing a task. (The online contains all the information contained in the Administrator's Guide.) o TrendEdge is a program for Trend Micro employees, partners, and other interested parties that provides information on unsupported, innovative techniques, tools, and best practices for Trend Micro products. The TrendEdge database contains numerous documents covering a wide range of topics. http://trendedge.trendmicro.com o Knowledge Base -- a searchable database of known issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 4. System Requirements ======================================================================== For a complete list of the System requirements, please refer to the Deep Security 9.5 SP1 Installation Guide. 5. Installation/Uninstallation ======================================================================== - Version 9.5 SP1 of Deep Security Filter Driver is ONLY required in non-NSX environment. - Refer to the "Installation Guide" in the following website for the complete installation procedure: http://downloadcenter.trendmicro.com/ - Before installing this Patch, please ensure that the Deep Security Manager has already been upgraded to 9.5 SP1 Patch 1. - All Deep Security Relay-Enabled Agents must first be upgraded to Deep Security Agent 9.5 SP1 Patch 1 before upgrading other Agents. - Before Upgrading the Deep Security Virtual Appliance to 9.5 SP1 Patch 1, it is highly recommended to upgrade the Deep Security Filter Driver to 9.5 SP1 Patch 1. 6. Known Incompatibilities ======================================================================== There are no known incompatibilities for this release. 7. Known Issues in Deep Security Filter Driver 9.5 SP1 Patch 1 ======================================================================== - When preparing ESXi 5.5 for Deep Security Virtual Appliance (DSVA) 9.5 deployment, you get the following error during Filter Driver installation: "The installation transaction failed". Refer to http://esupport.trendmicro.com/solution/en-US/1102068.aspx for complete details on the recommended action. [22285] 8. Release History ======================================================================== See the following website for more information about updates to this product: http://www.trendmicro.com/download - Deep Security Filter Driver 9.5, Build 9.5.2-1933, August 21, 2014 - Deep Security Filter Driver 9.5 SP1, Build 9.5.3-2750, January 30, 2015 8.1 Deep Security Filter Driver 9.5.2-1933 ===================================================================== 8.1.1 Enhancements ===================================================================== Improvements to Security and Software Update Management - Improved visibility into Update status - Improved accessibility to Software Updates 8.1.2 Resolved Known Issues ===================================================================== - This release includes all resolved issues that were resolved in Deep Security 9.0 SP1 Patch 3 except those explicitly listed in the section "Known Issues in Deep Security Filter Driver 9.5" below. 8.2 Deep Security Filter Driver 9.5.3-2750 ===================================================================== 8.2.1 Enhancements ===================================================================== SSL Enhancements - Extended SSL Support for TLS 1.2 and the following ciphers: TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 8.2.2 Resolved Known Issues ===================================================================== This patch resolves the following issues: Issue: [25245/25253/TT312705/TT309275/TT309408] Random errors displayed on purple screens are being observed on the ESXi 5.5 Host due to possible deadlock when trying to clean up the host entry. Solution: This fix takes care of clean up process properly and ensures that the error will not happen on ESXi hosts. 9. Files Included in This Release ======================================================================== This release is a complete installation. Use one of the following files: FilterDriver-ESX_5.0-9.5.3-4000.x86_64.zip 10. Contact Information ======================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our Web site. Global Mailing Address/Telephone Numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/us/about-us/index.html The Trend Micro "About Trend Micro" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 11. About Trend Micro ======================================================================== Trend Micro, Inc. provides virus protection, anti-spam, and content-filtering security products and services. Copyright 2015, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Deep Security and "deep security solutions" are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ ======================================================================== (C) 2015 Trend Micro Inc. All rights reserved. Published in Canada.