Trend Micro Incorporated March 23, 2017 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Readme for Trend Micro (TM) Deep Security(TM) Agent 10.0 for Solaris(TM) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Deep Security Agent Platforms: Solaris 11 / 11.2 / 11.3 (64-bit, SPARC / x86) Solaris 10 Update 11 (64-bit, SPARC / x86) Date: March 9th, 2017 Release: 10.0 Build Version: 10.0.0-2094 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This product is subject to the terms detailed in the click through license agreement and copied to the install directory. For more information about the Trend Micro suite of Deep Security products, visit our website at: /Users/katee/Downloads/Assignment 1 (1).docx http://us.trendmicro.com/us/solutions/enterprise/security-solutions/ virtualization/deep-security/ Download the latest version of this readme from the "Software" page at the Trend Micro Download Center website: http://downloadcenter.trendmicro.com/ Trend Micro is always seeking to improve its documentation. If you have questions, comments, or suggestions about this or any other Trend Micro documents, please contact us at docs@trendmicro.com. Your feedback is always welcome. Contents =================================================================== 1. About Deep Security Agent 10.0 1.1 Overview of this Release 1.2 Who Should Install this Release 2. Release History 3. What's New 3.1 New in Deep Security 10.0 3.2 Resolved Known Issues 4. Documentation Set 5. System Requirements 6. Known Incompatibilities 7. Known Issues in Deep Security Agent 10.0 7.1 Known Issues From Deep Security Agent 9.0 SP1 Patch 5 8. Files Included in this Release 9. Contact Information 10. About Trend Micro 11. License Agreement 12. Third Party Software =================================================================== 1. About Deep Security 10.0 ======================================================================== 1.1 Overview of This Release ===================================================================== Deep Security 10.0 contains a number of new feature enhancements as well as bug fixes. For a complete list of the major changes in Deep Security 10.0 from previously released versions of Deep Security, please see the "What's New in Deep Security 10.0" page on the Deep Security Help Center: https://help.deepsecurity.trendmicro.com/What-is-new/release_10_0 .html 1.2 Who Should Install this Release ===================================================================== You should install Deep Security Agent 10.0 if you are currently running Deep Security Agent 8.0, or 9.0. 2. Release History ======================================================================== 10.0.0-2094 [March 9th, 2017] 3. What's New ======================================================================== 3.1 New in Deep Security 10.0 ===================================================================== Deep Security Agent 10.0 contains support for - Antimalware scanning 3.2 Resolved Known Issues ===================================================================== This release includes all resolved issues that were resolved in Deep Security 9.0 except those explicitly listed in the section "Known Issues in Deep Security Agent 10.0" below. 4. Documentation Set ======================================================================== In addition to this readme.txt, the documentation set for this product includes the following: o Information formerly contained in the Deep Security Installation Guides and Deep Security Administrator's Guide is now available on the Deep Security Help Center https://help.deepsecurity. trendmicro.com/Welcome.html and includes: -- product overview, deployment plan, installation steps and basic information intended to help you smoothly deploy Deep Security. -- post-installation instructions on how to configure the settings to help you get Deep Security "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of Deep Security. o You can easily search the Help Center content or get context- sensitive help from your Deep Security Manager. 5. System Requirements ======================================================================== For a complete list of the System requirements, please refer to the Deep Security Help Center https://help.deepsecurity.trendmicro.com/Get-Started/Install/ system-requirements.html 6. Known Incompatibilities ======================================================================== There are no known incompatibilities for this release. 7. Known Issues in Deep Security Agent 10.0 ======================================================================== - Since Solaris 10u5 is not supported in this version, those users using Solaris 10u5 and u6 are affected and cannot upgrade to DSA 10.0 directly. We recommend either staying at DSA 9.0, or upgrading to Solaris 10u7+ by following Oracle's instructions, e.g. "Oracle Solaris 10 8/11 Installation Guide: Live Upgrade and Upgrade Planning". (DS-2723) - In this release, Linux and Solaris Agents do not drop ARP packets anymore. All ARP packets dropped by previous Agents will only be logged in DSA 10.0 or newer versions. The behaviour of the Windows Agent remains unchanged.(DS-5354) - When uninstalling Deep Security Agent on Solaris 11, warning message:"the following unexpected or editable files and directories were salvaged while executing the requested package operation; they have been moved to the displayed location in the image" will be shown. This is because the Solaris Image Packaging System (IPS) has removed the capability of packages to remove plugins and temporary files. Users can safely ignore the message and remove these files manually. (DS-2094) 7.1 Known Issues from Deep Security Agent 9.0 SP1 Patch 5 ======================================================================== - Deep Packet Inspection (DPI) is not supported over SSL connections when using IPv6. - If you want to use Point To Point Tunneling Protocol (PPTP) with Deep Security, you must modify some of the advanced settings. To apply the recommended modifications: a. Log in to Deep Security Manager and go to "System Settings > Network Engine". b. Check the "Advanced Settings" check box and set the following: - Filter IPV4 Tunnels: Disable detection of IPV4 Tunnels - Maximum Tunnel Depth: 4 - Action if Maximum Tunnel Depth Exceeded: Bypass c. Click "Save". [Deep Security 8.0 Tier 2-00200] - SYN Flood protection is only supported on versions 7.5 or earlier of the Windows Agents and on versions 7.5 or earlier of the Virtual Appliance. It is not supported on versions 7.5 SP1 or later of the Windows Agents or versions 7.5 SP1 or later of the Virtual Appliance. It is not supported on any versions of the Linux or Solaris Agents. - When installing pfil on Solaris, you may encounter the following error message during pkgadd: ## Executing postinstall script. grep: can't open "/etc/opt/pfil/iu.ap" This error message can be safely ignored. - If you start the Agent from a terminal session, the Agent may stop when the terminal window is closed. You can prevent this by performing the following steps: a. Open a command prompt and run the following command: vi /etc/init.d/ds_agent b. Change lines from ds_agent /var/opt/ds_agent to nohup ds_agent /var/opt/ds_agent > /dev/null 2>&1 c. Save the file and restart the Agent. - If you have installed a version of libiconv from "www.sunfreeware.com" that is newer than version 1.8, you may see the following warning when installing the Solaris Agent: WARNING: The package "libiconv from http://www.sunfreeware.com/" is a prerequisite package and should be installed. This message can be safely ignored. - If you have installed a version of libgcc from "www.sunfreeware.com" that is newer than version 3.4.6, you may see the following warning when installing the Solaris Agent: WARNING: The package "libgcc from http://www.sunfreeware.com/" is a prerequisite package and should be installed. This message can be safely ignored. - During upgrade, you may see an Agent upgrade failed error and the following system event: Processing package instance from pkgadd: ERROR: unable to make temporary directory This is caused by the pkgadd in Solaris creating an environment variable for the ds_agent process. To complete the upgrade, restart the ds_agent process on the Solaris machine and repeat the upgrade. The previous version of the ds_agent is still running and protecting the Solaris machine. - When the network engine is working in TAP mode and the in-guest agent is offline, the Deep Security Virtual Appliance status will be "Stand By". When this occurs, the Deep Security Virtual Appliance is actually online and DPI/FW events will still be logged when rules are triggered. [10948] - Log Inspection event logs are limited to 6000 characters. - In Solaris SPARC (9/10/11), when the Communication Direction between Deep Security Manager to Agent or Appliance is set to "Agent/Appliance Initiated", the Agent goes offline and into maintenance mode. When this happens, the Agent does not go back online even after users restart the Appliance or the Agent. To resolve this issue, users would need to either re-install the Agent or use bidirectional communication, which is always inherited when the Agent is added in the Deep Security Manager console. This issue will be fixed in the next patch release. 8. Files Included in this Release ======================================================================== This release is a complete installation. Use one of the following files depending on the Solaris platform: Agent-Solaris_5.11-10.0.0-2094.x86_64.zip Agent-Solaris_5.11-10.0.0-2094.sparc.zip Agent-Solaris_5.10_U7-10.0.0-2094.x86_64.zip Agent-Solaris_5.10_U7-10.0.0-2094.sparc.zip 9. Contact Information ======================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our website. Global Mailing Address/Telephone Numbers: For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 10. About Trend Micro ======================================================================== Trend Micro, Inc. provides virus protection, anti-spam, and content-filtering security products and services. Copyright 2017, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Deep Security, and "deep security solutions" are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 11. License Agreement ======================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ 12. Third Party Software ======================================================================= The 3rd party software is subject to the licenses available in the following directory: [INSTALL DIRECTORY]\Licenses Where 3rd party licenses require open access to their source code, Trend Micro will provide the necessary materials upon written request. The Deep Security Agent has a kernel interface layer that is compiled specifically for each Linux kernel. Trend Micro install packages for Linux are provided with precompiled versions for the supported Linux distributions. Trend Micro distributes source code and build materials for the kernel interface layer by request made to: http://esupport.trendmicro.com/srf/srfmain.aspx with a Subject field of "Kernel Interface Layer Source Code". ======================================================================== (C) 2017 Trend Micro Inc. All rights reserved. Published in Canada.