<> Trend Micro Incorporated January 23, 2020 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) for NetApp(TM) Filers 5.8 Service Pack 1 Patch 2 Build 1281 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Note: This readme file was current as of the date above. However, all customers are advised to check Trend Micro's web site for documentation updates at: http://docs.trendmicro.com/ Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro web site. Register during installation or online at: http://olr.trendmicro.com/ Contents =================================================================== 1. About ServerProtect for NetApp Filers 5.8 1.1 Overview of this Release 1.2 Who Should Install this Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation/Uninstallation 5.1 Installation 5.2 Uninstallation 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in this Release 10. Contact Information 11. About Trend Micro 12. License Agreement =================================================================== 1. About ServerProtect for NetApp Filers ====================================================================== ServerProtect for Network Appliance filers is designed to provide network-wide, comprehensive antivirus scanning for the Network Appliance filer line of data storage systems. Managed through an intuitive and portable console, ServerProtect provides virus outbreak management, centralized virus scanning, virus pattern file updates, event reporting, and antivirus configuration. 1.1 Overview of this Release =================================================================== ServerProtect for NetApp Filers 5.8 Service Pack 1 Patch 2 allows the Information Server to automatically update the Normal Server with the latest version. Patch 2 also upgrades the TMI CMAgent to an MCP CMAgent. 1.2 Who Should Install this Release =================================================================== You should install this Patch if you are running ServerProtect 5.80 for NetApp Filers Build 1075 or any higher version. 2. What's New ====================================================================== NOTE: Please install this Patch before completing any procedure in this section (see "Installation"). This Patch addresses the following issues and includes the following enhancements: 2.1 Enhancements =================================================================== The following enhancements are included in this release: Enhancement 1: [Hotfix 1231 EN] [Hotfix 1232 JP] Virus Name Information - This patch enables ServerProtect 5.8 for Network Appliance Filers to display the long virus names instead of the short virus names. Enhancement 2: [Critical Patch 1245 EN] Microsoft(TM) Windows(TM) Compatibility - This patch adds a special antivirus program compatibility registry key to the Normal Server and Information Server. Microsoft checks for this special registry key value on the computer before running the next Security Update for Windows. NOTE: Microsoft KB4056892 was released in January 4, 2018 and requires the new registry key installed before you can apply the update. For more information about Microsoft KB4056892, refer to the following link: https://support.microsoft.com/en-us/help/4056892/ windows-10-update-kb4056892 This registry is created automatically each time the spntsvc restarts even after this key has been deleted. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: To disable this behavior: a. Install this patch (see "Installation"). b. Open the Registry Editor. c. Add the following key: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\SpntService Key: DisableSUVPCompat Type: REG_DWORD Value: 0x00000001 Enhancement 3: [Hotfix 1269 EN] Event Logs - This patch enables the Normal Server to generate scan fail logs for Manual/Scheduled Scans, Real-time Scans, and Netapp Storage Scans. Enhancement 4: [SPNT Hotfix 1494 JP] HTTPS Connection – This patch updates MCP SDK to version 5.0.0.2270, to enable it to provides several cipher suites when starting an HTTPS connection. Enhancement 5: [SPNT Hotfix 1518 JP] Event Logs - This patch enables ServerProtect to use an ellipsis (...) when displaying server names that are too long in logs. Enhancement 6: [SPFS Hotfix 1179 JP] Manual/Scheduled Scans - This patch allows users to set the sleep time between scanning each folder during a manual scan or scheduled scan. Adjusting this time interval can help balance ServerProtect for NetApp Filers's CPU usage with its scan speed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 6: To set the sleep time between scanning each folder during a manual scan or scheduled scan: a. Install this patch (see "Installation"). b. Open the Registry Editor on the Normal Server. c. Add the following key and set the time interval in milliseconds. Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\SpntService Key: ManualScanWaitTime Type: DWORD Value: The default value is "0", the unit is milliseconds d. Restart the Normal Server service. Enhancement 7: [SPFS Patch 1 1194 EN] Real-Time Scan - This patch enables ServerProtect for NetApp Filers to exclude processes during real-time scans. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 7: To configure the Exclude Process List: a. Install this patch (see "Installation"). b. Open the Registry Editor. c. Add the following key: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\Engine\ Exception Key: ProcessList Type: Multi-String Value Value: specify the process full path to this ProcessList d. Restart the Normal Server service. Enhancement 8: [SPFS Hotfix 1214 JP] Management Console - This patch enables the Information Server to verify the version information of any Management Console that attempts to connect to it. This helps ensure that the correct Management Console version connects to the Information Server. NOTE: If your Management Console is not installed in the same path as the Information Server, please refer to Section 5.1 Installation for the steps to replace files for the Management Console. Enhancement 9: [SPFS Hotfix 1214 JP] Management Console - This patch enables the Information Server to display its version information in the Management Console middle tree control list by default. NOTE: The Management Console will be able to connect only to an Information Server with the same version. Enhancement 10: [SPFS Hotfix 1214 JP] CMAgent - This patch enables CMAgent to keep its previous status (registered/unregistered) after a patch is applied. Enhancement 11: [SPFS Hotfix 1224 JP] Event Logs - This patch adds an alert log for instances when the last manual scan or task scan did not complete normally. Enhancement 12: CMAgent - This patch changes the CMAgent service name in BIF content from "TrendMicro Infrastructure" to ServerProtectCMAgent". Enhancement 13: Notifications - This patch ensures that the action information is not truncated in "SNMP trap" and "Internet email" notifications that contain long virus names. Enhancement 14: CMAgent - This patch adds the "msvcr71.dll" library to the "[Product Folder]\Trend\SProtect" folder to ensure that the MCP CMAgent service is installed successfully. Enhancement 15: This patch increases the ActiveUpdate session timeout of the Management Console to 10 minutes. Enhancement 16: This patch enables the network send/receive timeout configuration for ActiveUpdate. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 16: To configure this feature: a. Install this patch (see "Installation"). b. Open the Registry Editor. c. Add the following key in Information Server: 32 bit OS: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\InformationServer 64 bit OS: Path: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\ ServerProtect\CurrentVersion\InformationServer Key: AUNetworkTimeout Type: String(REG_SZ) Value: timeout value(Seconds) Enhancement 17: This patch enables the network connection timeout configuration for ActiveUpdate. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 17: To configure this feature: a. Install this patch (see "Installation"). b. Open the Registry Editor. c. Add the following key in the Information Server: 32 bit OS: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\InformationServer 64 bit OS: Path: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ TrendMicro\ServerProtect\CurrentVersion\ InformationServer Key: AUConnectTimeout Type: String(REG_SZ) Value: timeout value(Seconds) Enhancement 18: This patch updates the Management Communication Protocol (MCP) SDK to version 5.0.0.2363 to resolve some vulnerabilities. 2.2 Resolved Known Issues =================================================================== This patch resolves the following issues: Issue 1: [Hotfix 1236 EN] [Hotfix 1237 JP] When ServerProtect 5.8 for Network Appliance Filers is installed on Microsoft Windows Server 2016, the wrong platform version appears on the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This patch ensures that the correct platform version appears on the Management Console. Issue 2: [Hotfix 1236 EN] [Hotfix 1237 JP] When ServerProtect 5.8 for Network Appliance Filers is installed on Microsoft Windows Server 2016 and registered to Trend Micro Control Manager(TM), the wrong operating system information appears on the Control Manager web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This patch ensures that the correct operating system information appears on the Control Manager web console. Issue 3: [Hotfix 1238 JP] After installing ServerProtect 5.80 for Network Appliance Filers Japanese Version Service Pack 1 Patch 1, "StUpdate.exe" stops generating logs for pattern and engine updates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This patch ensures that "StUpdate.exe" generates logs for pattern and engine updates. Issue 4: [Hotfix 1239 JP] [Hotfix 1240 EN] After installing ServerProtect 5.80 for Network Appliance Filers Japanese Version Service Pack 1 Patch 1, garbled characters appear in the "action" field of email alerts for virus detected by the RPC scanner. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This patch ensures that email alerts display information properly. Issue 5: [Hotfix 1242 EN] [Hotfix 1243 JP] A protected computer may encounter blue screen of death (BSoD) when certain virus pattern operations are called at the same time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This patch adds the RWLock feature for certain VSAPI functions to make sure that these APIs do not call virus patterns at the same time. Issue 6: [Hotfix 1244 JP] The "spntsvc.exe" service may stop unexpectedly while attempting to free the "NtApRpc.dll" library when the RPC scan threads are handling scan requests. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This patch enables ServerProtect for Network Appliance Filers to force RPC scan threads to exit in time when the "spntsvc.exe" service frees the "NtApRpc.dll" library. Issue 7: [Hotfix 1257 EN] [Hotfix 1258 JP] ServerProtect for Network Appliance Filers cannot apply engine and pattern updates from Control Manager 7.0 because the PatchAgent component cannot be downloaded successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This patch resolves the issue by adding the PatchAgent information into the product profile that ServerProtect for Network Appliance Filers sends to Control Manager. This helps ensure that PatchAgent can be downloaded from Control Manager so that engine and pattern updates can be applied successfully. Issue 8: [SPNT Hotfix 1465 EN] An issue prevents the exclusion extensions setting from working normally after the Normal Server restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This patch resolves the issue to ensure that the exclusion extensions setting works normally. Issue 9: [SPNT Hotfix 1473 JP] If the CMAgent service starts before the EarthAgent service, the Normal Server may appear offline in the Control Manager status bar even when it is actually online. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This patch enables CMAgent to continuously register to the Information Server while it starts up and to check if the Module_Active task has been completed when the Information Server service starts. This helps ensure that the correct Normal Server status appears on the Control Manager status bar. Issue 10: [SPNT Hotfix 1518 JP] When the Information Server's home path is added to the scan exclusion folder, it will be deleted unexpectedly after ServerProtect downloads a component update. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This patch ensures that the Information Server's home path is not deleted unexpectedly from the scan exclusion folder while ServerProtect downloads component updates. Issue 11: [SPNT Hotfix 1521 JP] When the Information Server password is longer than 16 characters, silent installation fails. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: This patch ensures that silent installation proceeds normally under the scenario described above. Issue 12: [SPNT Hotfix 1524 JP] Normal Server silent installation fails on a target server running Windows Server 2016 if the corresponding source server (Information Server) was installed using any installation package released before ServerProtect 5.8 Repack 3. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: This patch ensures that users can silently install the Normal Server on a target server running Windows Server 2016. Issue 13: [SPNT Hotfix 1528 JP] The status of a Normal Server appears as "service stop" on the Control Manager web console but the ServerProtect web console indicates that the Normal Server is working normally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: This patch resolves the issue by adding a validity check when the MCP CMAgent receives the response for the CMD_REGISTER command from the Information Server. Issue 14: [SPFS Hotfix 1126 EN] When the C-mode Filer has been removed or unregistered from ServerProtect for NetApp Filers but the scanner server is still configured in the C-mode Filer, AV-Connector will still send scan requests to ServerProtect for NetApp Filers. As a result, the C-mode Filer may stop responding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: This patch enables the RPC Scanner in ServerProtect for NetApp Filers to reject requests from the AV-Connector if the filer has been removed or unregistered from ServerProtect for NetApp Filers. Issue 15: [SPFS Hotfix 1126 EN] When the first action fails, the second action does not appear in email virus notifications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: This patch ensures that the action description in email virus notifications are consistent with the information in the corresponding log records. Issue 16: [SPFS Hotfix 1152 JP] Under certain conditions, a heap corruption issue triggers the Japanese version of ServerProtect for NetApp Filers 5.8 to stop unexpectedly while its spntsvc service attempts to send an email notification. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: This patch ensures that ServerProtect for NetApp Filers allocates enough memory to operate to prevent the heap corruption issue so it can send out email notifications normally. Issue 17: [SPFS Hotfix 1163 JP] When ServerProtect for NetApp Filers scans files in a C-mode filer, it will request to set-up an SMB session each time it opens a file. As a result, it takes longer to scan files in C-mode filers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: This patch enables all scan threads to establish a persistent network connection for every C-mode filer address sent from the AV connector. This eliminates the need to set-up an SMB session each time ServerProtect for NetApp Filers opens a file in a C-mode filer for scanning. Issue 18: [SPFS Hotfix 1169 EN] CMAgent stops responding when it receives certain abnormal commands. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: This patch enables CMAgent to handle abnormal commands. Issue 19: [SPFS Hotfix 1205 EN] The Message Box notifications are disabled since Microsoft Windows Server 2008. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: This patch replaces the "NetMessageBufferSend" function with Windows Terminal Services (WTS) API to re-enable Message Box notifications on Windows Server 2008 and any later versions. Please refer to the following KB link for more details on how to use this feature: http://intkb.trendmicro.com/solution/ default.aspx?alttemplate= esupportenhancesolution&mode= preview&locale=en-US&solutionId=1120585 Issue 20: [SPFS Hotfix 1214 JP] Sometimes, the SPNTSVC process stops unexpectedly because of an invalid memory access issue in "tmnotify.dll". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: This patch resolves the issue by preventing the invalid memory access issue. Issue 21: [SPFS Hotfix 1216 JP] Sometimes, the "Message-ID" column in notification email messages displays duplicate message IDs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: This patch resolves the issue by ensuring that ServerProtect for NetApp Filers generates and assigns unique message IDs. Issue 22: [SPFS Hotfix 1220 JP] ServerProtect for NetApp Filers cannot deploy pattern files if there is a "Program" file in the "C:" drive. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: This patch resolves the issue by ensuring that ServerProtect for NetApp Filers can deploy pattern files successfully. Issue 23: [SPFS Hotfix 1226 EN] CMAgent sends incorrect operating system information to Control Manager when the current operating system is Windows Server 2019. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: This patch makes sure that CMAgent submits the correct operating system information to Control Manager. Issue 24: [SPFS Hotfix 1243 EN] Sometimes, file scan fails on Network Appliance Cluster-Mode devices when the server name for ServerProtect for NetApp Filers contains lowercase letters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 24: This patch ensures that file scans are successful even when the server name for ServerProtect for NetApp Filers contains lowercase letters. Issue 25: [SPFS Hotfix 1243 EN] A "The specified network password is not correct" error appears when users add devices with long domain names on the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 25: This patch resolves this issue by extending the size of the array that holds domain names. Issue 26: Management Console can't show Information Server's version after Information Server restart. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 26: This patch resolves this issue by refreshing version after Information Server restart. Issue 27: The Management Communication Protocol (MCP) CMAgent installation fails when the system checks the ServerProtect Information Server version. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 27: This patch resolves this issue by adjusting the version of the "earthagent.exe" function. 3. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining ServerProtect. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get ServerProtect "up and running". - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com 4. System Requirements ====================================================================== 4.1 Normal Server ------------------ * CPU: 2.5 GHz Intel(R) Pentium(TM) IV processor or 3.0 GHz EM64T Intel processor or 2.0 GHz AMD Athlon(TM) 64-bit processor (or equivalent) * DRAM: Minimum 1 GB, 2 GB recommended * Operating System: - Microsoft Windows Server 2003 Standard/Enterprise Service Pack 2 or above (x86) - Microsoft Windows Server 2003 Standard/Enterprise Service Pack 2 or above (x64) - Microsoft Windows Server 2003 R2 Standard/Enterprise Service Pack 2 (x86) - Microsoft Windows Server 2003 R2 Standard/Enterprise Service Pack 2 (x64) - Microsoft Windows Server 2008 Standard/Enterprise Service Pack 2 (x86) - Microsoft Windows Server 2008 Standard/Enterprise Service Pack 2 (x64) - Microsoft Windows Server 2008 R2 Standard/Enterprise Service Pack 1 (x64) - Microsoft Windows 2008 Server Core - Microsoft Windows Server 2012 Foundation Edition - Microsoft Windows Server 2012 Essentials Edition - Microsoft Windows Server 2012 Standard Edition - Microsoft Windows Server 2012 Datacenter Edition - Microsoft Windows Storage Server 2012 Standard Edition - Microsoft Windows Storage Server 2012 Workgroup Edition - Microsoft Windows Server 2012 R2 Foundation Edition - Microsoft Windows Server 2012 R2 Essentials Edition - Microsoft Windows Server 2012 R2 Standard Edition - Microsoft Windows Server 2012 R2 Datacenter Edition - Microsoft Windows Storage Server 2012 R2 Standard Edition - Microsoft Windows Storage Server 2012 R2 Workgroup Edition - Microsoft Windows Server 2016 Standard Edition - Microsoft Windows Server 2016 Datacenter Edition - Microsoft Windows Server 2016 Essentials Edition - Microsoft Windows Storage Server 2016 Standard - Microsoft Windows Storage Server 2016 Workgroup - Microsoft Windows Server 2019 Standard Edition - Microsoft Windows Server 2019 Datacenter Edition - Microsoft Windows Server 2019 Essentials Edition - Microsoft Windows Server IoT 2019 * Disk Space: 1 GB * A CD-ROM drive if the installation is performed locally * Network protocols and services: TCP/IP, Microsoft Network and RPC services must be running on Windows Server family operating system 4.2 Information Server ----------------------- * CPU: 3.0 GHz Intel Pentium IV processor or 3.0 GHz EM64T Intel processor or 2.0 GHz AMD Athlon 64-bit processor (or equivalent) * DRAM: Minimum 1 GB, 2 GB recommended * Operating System: - Microsoft Windows Server 2003 Standard/Enterprise Service Pack 2 or above (x86) - Microsoft Windows Server 2003 Standard/Enterprise Service Pack 2 or above (x64) - Microsoft Windows Server 2003 R2 Standard/Enterprise Service Pack 2 (x86) - Microsoft Windows Server 2003 R2 Standard/Enterprise Service Pack 2 (x64) - Microsoft Windows Server 2008 Standard/Enterprise Service Pack 2 (x86) - Microsoft Windows Server 2008 Standard/Enterprise Service Pack 2 (x64) - Microsoft Windows Server 2008 R2 Standard/Enterprise Service Pack 1 (x64) - Microsoft Windows 2008 Server Core - Microsoft Windows Server 2012 Foundation Edition - Microsoft Windows Server 2012 Essentials Edition - Microsoft Windows Server 2012 Standard Edition - Microsoft Windows Server 2012 Datacenter Edition - Microsoft Windows Storage Server 2012 Standard Edition - Microsoft Windows Storage Server 2012 Workgroup Edition - Microsoft Windows Server 2012 R2 Foundation Edition - Microsoft Windows Server 2012 R2 Essentials Edition - Microsoft Windows Server 2012 R2 Standard Edition - Microsoft Windows Server 2012 R2 Datacenter Edition - Microsoft Windows Storage Server 2012 R2 Standard Edition - Microsoft Windows Storage Server 2012 R2 Workgroup Edition - Microsoft Windows Server 2016 Standard Edition - Microsoft Windows Server 2016 Datacenter Edition - Microsoft Windows Server 2016 Essentials Edition - Microsoft Windows Storage Server 2016 Standard - Microsoft Windows Storage Server 2016 Workgroup - Microsoft Windows Server 2019 Standard Edition - Microsoft Windows Server 2019 Datacenter Edition - Microsoft Windows Server 2019 Essentials Edition - Microsoft Windows Server IoT 2019 * Disk Space: 1 GB * A CD-ROM drive if the installation is performed locally * Network protocols and services: TCP/IP, Microsoft Network, and RPC services must be running on Windows Server family operating system * The services listed above must be running on the installed machine. Trend Micro recommends an allocated bandwidth usage of minimum 128 Kilobytes per second to optimize deployment of component updates between ServerProtect Information Server and Normal Server. If RPC communication malfunctions over either the Named Pipe protocol or TCP, ServerProtect 5.8 will automatically switch from the non-functioning protocol to the other. To manage the Windows Server, an Information Server must be installed. * For ActiveUpdate 2.8, additional 3 GB disk space is required if Smart Duplicate is enabled. In this case, the cached pattern number must be set to the value of 14. 4.3 Management Console ----------------------- * CPU: 2.5 GHz Intel Pentium IV processor or 3.0 GHz EM64T Intel processor or 2.0 GHz AMD Athlon 64-bit processor (or equivalent) For Server Environment: * DRAM: Minimum 1 GB, 2 GB recommended * Operating System: - Microsoft Windows Server 2003 Standard/Enterprise Service Pack 2 or above (x86) - Microsoft Windows Server 2003 Standard/Enterprise Service Pack 2 or above (x64) - Microsoft Windows Server 2003 R2 Standard/Enterprise Service Pack 2 (x86) - Microsoft Windows Server 2003 R2 Standard/Enterprise Service Pack 2 (x64) - Microsoft Windows Server 2008 Standard/Enterprise Service Pack 2 (x86) - Microsoft Windows Server 2008 Standard/Enterprise Service Pack 2 (x64) - Microsoft Windows Server 2008 R2 Standard/Enterprise Service Pack 1 (x64) - Microsoft Windows Server 2012 Foundation Edition - Microsoft Windows Server 2012 Essentials Edition - Microsoft Windows Server 2012 Standard Edition - Microsoft Windows Server 2012 Datacenter Edition - Microsoft Windows Storage Server 2012 Standard Edition - Microsoft Windows Storage Server 2012 Workgroup Edition - Microsoft Windows Server 2012 R2 Foundation Edition - Microsoft Windows Server 2012 R2 Essentials Edition - Microsoft Windows Server 2012 R2 Standard Edition - Microsoft Windows Server 2012 R2 Datacenter Edition - Microsoft Windows Storage Server 2012 R2 Standard Edition - Microsoft Windows Storage Server 2012 R2 Workgroup Edition - Microsoft Windows Server 2016 Standard Edition - Microsoft Windows Server 2016 Datacenter Edition - Microsoft Windows Server 2016 Essentials Edition - Microsoft Windows Storage Server 2016 Standard - Microsoft Windows Storage Server 2016 Workgroup - Microsoft Windows Server 2019 Standard Edition - Microsoft Windows Server 2019 Datacenter Edition - Microsoft Windows Server 2019 Essentials Edition - Microsoft Windows Server IoT 2019 For Client Environment: * DRAM: Minimum 512 MB, 1 GB recommended * Operating System: - Microsoft Windows XP Professional Service Pack 2 or Service Pack 3 (x86) - Microsoft Windows XP Professional Service Pack 2 or Service Pack 3 (x64) - Microsoft Windows Vista Business/Enterprise/Ultimate Service Pack 1 (x86) - Microsoft Windows Vista Business/Enterprise/Ultimate Service Pack 1 (x64) - Microsoft Windows 7 Professional/Enterprise/Ultimate Service Pack 1 (x86) - Microsoft Windows 7 Professional/Enterprise/Ultimate Service Pack 1 (x64) - Microsoft Windows 8/Windows 8 Pro/Windows 8 Enterprise 32-bit - Microsoft Windows 8/Windows 8 Pro/Windows 8 Enterprise 64-bit - Microsoft Windows 8.1/Windows 8.1 Pro/Windows 8.1 Enterprise 32-bit - Microsoft Windows 8.1/Windows 8.1 Pro/Windows 8.1 Enterprise 64-bit - Microsoft Windows 10/Windows 10 Pro/Windows 10 Enterprise 32-bit - Microsoft Windows 10/Windows 10 Pro/Windows 10 Enterprise 64-bit * Disk Space: 500 MB * A monitor with resolution of 1024x768 or higher * A CD-ROM drive * Network protocols and services: TCP/IP, Microsoft Network, and RPC services must be running on Windows Server family operating system 4.4 NetApp Filer and Hitachi NAS ---------------------------------------------------------- To communicate with ServerProtect, the virus scan function must be enabled on the NetApp Filer and Hitachi NAS. The NetApp Filer proprietary operating system: - Data ONTAP 7.x Series - Data ONTAP 8.x Series 7-Mode - Data ONTAP 8.x Series Cluster-Mode - Data ONTAP 9.x Series Cluster-Mode - ONTAP Select 9.x Series Cluster-Mode NOTE: A NetApp Cluster-Mode AVShim (called by NetApp as Clustered Data ONTAP Antivirus Connector) cannot be deployed on Windows Server 2003 but must be installed on the same computer with the Normal Server. If you want to use a Cluster-Mode AVShim, install the Normal Server on a Windows operating system later than Windows Server 2003. Hitachi NAS: - HNAS firmware 7.0.x - HNAS firmware 8.1.x - HNAS firmware 10.x/11.x/12.x For optimal scanning performance, Trend Micro recommends the connection between NetApp filer or Hitachi NAS and a Scan Server to have a bandwidth of at least 1 Gigabit per second. NOTE: The Scan Server must be located in the same domain as Hitachi NAS to correctly support the virus scan option. 5. Installation/Uninstallation ====================================================================== 5.1 Installation =================================================================== To apply this Patch from the same computer as the Information Server: 1. Close the Management Console. If this is not running at the time of installation, proceed with the next step. 2. If your Information Server are running Windows Server 2008 R2 or below, install x86 version of "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package MFC Security Update" on your Information Servers before applying this patch. Download the Microsoft package from the following location: https://www.microsoft.com/en-us/download/details.aspx?id=26347 3. Copy the "spnaf_580_win_en_sp1_p2_b1281.exe" patch installation file to a temporary folder. 4. Run the Patch file. The license screen appears. 5. If you disagree with the terms of the legal agreement, choose the "I do not agree with the terms of the legal agreement." option and click "Cancel" to abort the installation. Otherwise, choose the "I accept the terms of the legal agreement" and click "Next". The "readme" appears. 5. Read the contents of the readme carefully and click "Install". A message-box may appear to remind you that the Trend Micro Infrastructure (TMI) CMAgent will be migrated to MCP CMAgent only when the TMI CMAgent is installed on the Information Server. 6. If you prefer not to upgrade the TMI CMAgent to the MCP CMAgent, click "No" and the installation aborts. Otherwise, click "Yes". NOTES: - Once the TMI CMAgent is installed on the Information Server, the TMI agent will be automatically upgraded to the MCP CMAgent. - If the TMI CMAgent is not installed on the Information Server, or MCP CMAgent is not installed on the Information Server, a "Trend Micro strongly recommends installing MCP CMAgent for ServerProtect. Click "Yes" to install the MCP CMAgent now, or click "No" to install it later." message box appears after copying all patch files. If you want to install the MCP CMAgent click "Yes", otherwise, click "No". The "MCP_CMAgent.exe" installation package will be copied to the ".\SProtect\SMS\CMAgent\" folder. You can run the package to install the MCP CMAgent. - The Information Server deploys the Patch to Normal Servers 30 seconds after the installation is completed and restarts the ServerProtect services. If the installation does not complete successfully, contact Trend Micro technical support. To apply this Patch to a Management Console that is not associated with the computer hosting the Information Server: 1. Apply the Patch to the Information Server. 2. Close the Management Console. 3. Go to the Management Console home directory and backup the following files to another location. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - spuninst.exe - spuninstrc.DLL 4. On the Information Server, copy the following files from the Information Server home directory to the Management Console home directory to overwrite the local files. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - spuninst.exe - spuninstrc.DLL 5.2 Uninstallation =================================================================== To roll back to the previous build: 5.2.1 Uninstallation of Information Server and Normal Server ------------------------------------------------------------------- 1. On the Normal Server, run the following Shell command to stop the Normal Server service: net stop spntsvc 2. On the Information Server, run the following Shell command to stop the Information Server service: net stop earthagent 3. On the Information Server, run the following Shell command to stop the CMAgent service: net stop ServerProtectCMAgent 4. On the Normal Server, rename the backup files in the ServerProtect home directory and use them to replace the current files. The names of the backup files have "bak" in the extension. 5. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup_sp1_p2\filegroup10" folder to the current directory. 6. On the Information Server, open CMAgent's home directory and copy the files from the "..\backup_sp1_p2\filegroup103" folder to the current directory. 7. On the Information Server, a. Open "Agent.ini" in CMAgent's home directory. b. Set the "Agent_BuildNumber" key in the "Common" section to the previous version. c. Set the "Agent_Version" key in the "Common" section to the previous version. d. Open "Product.ini" in CMAgent's home directory. e. Set the "UpdateInfo" key in the "Product_Info" section to 1. f. Set the "MenuVersion" key in the "Product_Info" section to the previous version. The previous version can be checked in the following file: .\backup_sp1_p2\filegroup103\ProductUI.zip\ProductInfo.xml 8. On the Normal Server, run the following command to start the Normal Server service: net start spntsvc 9. On the Information Server, run the following command to start the Information Server service: net start earthagent 10.On the Information Server, run the following command to start the CMAgent service: net start ServerProtectCMAgent 5.2.2 Uninstallation of MCP CMAgent ------------------------------------------------------------------- Since the previous TMI CMAgnet will not be supported any longer, Trend Micro does NOT recommend uninstalling MCP CMAgent. 5.2.3 Uninstalling the Management Console ------------------------------------------------------------------- NOTE: It is not necessary to rollback the Management Console separately. You should rollback the Management Console only when it is not installed on the same machine as the Information Server. 1. On Management Console, open the backup directory of the following files in the installation section: - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - spuninst.exe - spuninstrc.DLL 2. Copy the files in the list above to the Management Console home directory to overwrite the local files. 6. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ====================================================================== 7.1 Empty domains are not displayed in Control Manager. =================================================================== Empty domain information is not updated to the Control Manager server, and therefore will not be displayed on the Control Manager server. 7.2 Previous versions of the ServerProtect Management Console cannot be used to manage the ServerProtect 5.8 Information Server. =================================================================== The version used for the Management Console must be the same as the version used for the Information Server. 7.3 The ServerProtect 5.8 Management Console cannot be used to manage previous versions of the ServerProtect Information Server. =================================================================== The version used for the Management Console must be the same as the version used for the Information Server. 7.4 Control Manager cannot manage ServerProtect normally when the Information Server version is 5.8 and the Normal Server version is 5.62. =================================================================== When the Information Server is upgraded to version 5.8 from 5.62 and the Normal Server that is managed by this Information Server is still in version 5.62, Control Manager will not be able to manage the ServerProtect 5.62 Normal Server normally. 7.5 Macro viruses are treated as file viruses. =================================================================== Macro viruses may be treated as file viruses even if the action against macro viruses is specified in "Set Virus Action". This occurs because the virus scan engine considers some kinds of macro viruses as file viruses. The "Virus type" for these macro viruses displays as "File viruses" in the "detailed information" of virus logs. 7.6 The CMAgent installation package cannot support domain names in Unicode character format. =================================================================== If the domain name is in Unicode format, the CMAgent displays the "Call to RegDBQueryKey failed" error message. 8. Release History ====================================================================== Previous releases include the following: - ServerProtect for NetApp Filers 5.31, September 10, 2001 - ServerProtect for NetApp Filers 5.60, October 7, 2003 - ServerProtect for NetApp Filers 5.61, December 22, 2003 - ServerProtect for NetApp Filers 5.62, September 6, 2005 - ServerProtect for NetApp Filers 5.8, March 1, 2010 - ServerProtect for NetApp Filers 5.80 Service Pack 1, May 27, 2014 - ServerProtect for NetApp Filers 5.80 Service Pack 1 Patch 1, February 16, 2016 9. Files Included in this Release ====================================================================== Module Filename Build No. ------------------------------------------------------------------- Management Console Admin.exe 5.80.0.1281 AgentClient.dll 5.80.0.1281 Adm_enu.dll 5.80.0.1281 ADM_ENU.chm n/a spuninst.exe 5.80.0.1281 spuninstrc.DLL 5.80.0.1281 Information Server AgentClient.dll 5.80.0.1281 CheckEVC.dll 5.80.0.1281 DeployTool.exe 5.80.0.1281 EarthAgent.exe 5.80.0.1281 EventMsg2.dll 5.80.0.1281 GetRemoteVer.dll 5.80.0.1281 msvcr71.dll 7.10.3052.4 Notification.dll 5.80.0.1281 Quarantine.exe 5.80.0.1281 RemoteInstall.exe 5.80.0.1281 StCommon.dll 5.80.0.1281 StHotfix.exe 5.80.0.1281 StRpcCln.dll 5.80.0.1281 StUpdate.exe 5.80.0.1281 TmNotify.dll 5.80.0.1281 _Setup.dll 12.0.0.49974 data1.cab n/a data1.hdr n/a data2.cab n/a ISSetup.dll 12.0.0.58851 setup.exe 12.0.0.58849 setup.inx n/a spuninst.exe 5.80.0.1281 spuninstrc.DLL 5.80.0.1281 32-bit Normal Server AgRpcCln.dll 5.80.0.1281 CheckEVC.dll 5.80.0.1281 GetRemoteVer.dll 5.80.0.1281 Quarantine.exe 5.80.0.1281 SP5NSlst.ini n/a spuninst.exe 5.80.0.1281 spuninstrc.dll 5.80.0.1281 StHotfix.exe 5.80.0.1281 StRpcCln.dll 5.80.0.1281 TmOpp.dll 5.80.0.1281 eng50.dll 5.80.0.1281 LogMaster.dll 5.80.0.1281 Notification.dll 5.80.0.1281 NtApRPC.dll 5.80.0.1281 LogViewer.exe 5.80.0.1281 DCE.dll 5.80.0.1281 StRpcSrv.dll 5.80.0.1281 SpntSvc.exe 5.80.0.1281 StUpdate.exe 5.80.0.1281 StCommon.dll 5.80.0.1281 SPCommonLog.dll 5.80.0.1281 SPLog.conf 5.80.0.1281 log4cxx.dll 5.80.0.1281 EventMsg2.dll 5.80.0.1281 AgentClient.dll 5.80.0.1281 StOPP.exe 5.80.0.1281 TmNotify.dll 5.80.0.1281 LogDb.dll 5.80.0.1281 LogDbTool.dll 5.80.0.1281 64-bit Normal Server AgRpcCln.dll 5.80.0.1281 CheckEVC.dll 5.80.0.1281 GetRemoteVer.dll 5.80.0.1281 Quarantine.exe 5.80.0.1281 SP5NSlst.ini n/a spuninst.exe 5.80.0.1281 spuninstrc.dll 5.80.0.1281 StHotfix.exe 5.80.0.1281 StRpcCln.dll 5.80.0.1281 TmOpp.dll 5.80.0.1281 eng50.dll 5.80.0.1281 LogMaster.dll 5.80.0.1281 Notification.dll 5.80.0.1281 NtApRPC.dll 5.80.0.1281 LogViewer.exe 5.80.0.1281 DCE.dll 5.80.0.1281 StRpcSrv.dll 5.80.0.1281 SpntSvc.exe 5.80.0.1281 StUpdate.exe 5.80.0.1281 StUpdate_32.exe 5.80.0.1281 StCommon.dll 5.80.0.1281 SPCommonLog.dll 5.80.0.1281 SPLog.conf 5.80.0.1281 log4cxx.dll 5.80.0.1281 EventMsg2.dll 5.80.0.1281 AgentClient.dll 5.80.0.1281 StOPP.exe 5.80.0.1281 TmNotify.dll 5.80.0.1281 LogDb.dll 5.80.0.1281 LogDbTool.dll 5.80.0.1281 Control Manager Agent libMRF_AP.dll 1.12.0.1156 libMRF_CM.dll 1.12.0.1156 libMRF_Common.dll 1.12.0.1156 libMRF_DM.dll 1.12.0.1156 libMRF_Entity.dll 1.12.0.1156 libTMI_DataMarshal.dll 1.12.0.1156 mrf.exe 1.12.0.1156 MRF_CM.dll 1.12.0.1156 Entitymain.exe 2.50.0.1411 EN_Utility.dll 2.50.0.1411 LibEN_Conf.dll 2.50.0.1411 LibEN_Logger.dll 2.50.0.1411 libEN_SendLog.dll 2.50.0.1411 libEN_Product.dll 5.80.0.1281 Uninst.dll 5.80.0.1281 Normal Server Hot Fix File Hotfix.ini n/a MCP CMAgent ProductLibrary.dll 5.80.0.1281 CMAgent.exe 5.80.0.1281 ProductUI.zip n/a cgiCmdNotify.exe 5.0.0.2363 En_BlobConvertUtility.dll 5.0.0.2363 En_I18N.dll 5.0.0.2363 En_Utility.dll 5.0.0.2363 libapr-1.dll 1.1.1.0 libcurl.dll 7.66.0.0 libeay32.dll 1.0.2.20 ssleay32.dll 1.0.2.20 SSO_PKIHelper.dll 5.0.0.2363 TrendAprWrapperDll.dll 5.0.0.2363 zlib.dll 1.2.3.0 CMAgentLog.dll 5.80.0.1281 MySplashScreen.dll 5.80.0.1281 Patch Files Tmpatch.exe 2.2.0.1057 Setup.ini n/a readme.txt n/a license.txt n/a 10. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 11. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2019, Trend Micro Incorporated. All rights reserved. Trend Micro, ServerProtect, Control Manager, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: www.trendmicro.com/us/about-us/legal-policies/license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide