Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 6 公開のお知らせ:サポート情報 : トレンドマイクロ
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 6 リリース。
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 6 を下記日程にて公開いたします。 ■ 公開開始日 2017 年 02 月 22 日 (水) ■ 対象モジュール Deep Security Manager Deep Security Virtual Appliance Linux 版 Deep Security Agent Windows 版 Deep Security Agent Windows 版 Deep Security Notifier ■ 追加機能/修正内容 追加機能や修正内容は付属のReadmeをご覧ください。 ※日本語のReadmeは一か月以内に公開いたします。
サポート情報 : トレンドマイクロ
Windows
2. What's New ======================================================================== 2.1 Enhancements ===================================================================== The following enhancement(s) are included in this release: Enhancement 1: [DSSEG-735] If a vCloud Director has been added into the Deep Security Manager under T0, and there is no multi- tenancy enabled and vCloud Director has Virtual Machines installed with Deep Security Agents and those virtual machines are using Fully Qualified Domain Name (FQDN), then agent-initiated activation using dsa_control command does not activate the virtual machine under the vCloud Director, but creates a new virtual machine record under computers and activates it. The same behaviour does not occur if virtual machine is not using FQDN. Note 1: This issue is not being reported if vCloud Director is being used under multi-tenant deployment with VCenter, ESXi, DSVA and VMs imported in T0 of DSM and vCloud is being added under TN. To handle this specific scenario, dsa_control -a option has been appended and added with "FQDN:false" sub-option which can be used as follows: dsa_control –a dsm://<DSMhostName_or_IPAddress>:4120:/ "FQDN:false" Note 1: The above command needs to be run manually or as a batch job, but cannot be downloaded as an option from deployment script from Deep Security Manager's Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2.2 Resolved Known Issues ===================================================================== This release resolves the following issue(s): Issue 1: [DSSEG-717] Deep Security Agent should allow you to enable the Windows Firewall by creating a ds_agent.ini file that contains: dsp.fwdpi.disableNativeFirewall=false This setting did not work. Solution 1: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [DSSEG-703] When the Deep Security Agent generated Web Threat Protection (WTP) syslog messages, it did not follow the syslog format. When the syslog is set to "direct forward" from the agent, the log message should be Common Event Format (CEF). Solution 2: This issue is fixed in this release. The WRS Syslog format is now CEF. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 3: [DSSEG-222] In certain situations, if a DPI event was already sent to the Deep Security Manager, then restarting the Deep Security Agent service would send the event again to the Deep Security Manager again, causing duplicate events to appear in the Deep Security Manager console, on the DPI events tab. Solution 3: This issue has been fixed in the current release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Linux
2. What's New ======================================================================== 2.1 Enhancements ===================================================================== The following enhancement(s) are included in this release: Enhancement 1: [DSSEG-735] Unexpected behavior was observed under these circumstances: - a vCloud Director was added into Deep Security Manager under the primary tenant (t0) - multi-tenancy was not enabled - vCloud Directory had virtual machines installed with Deep Security Agents - the virtual machines were using Fully Qualified Doman Names (FQDN) Under those circumstances, agent-initiated activation using the dsa_control command did not activate the virtual machine under the vCloud Director, but created a new virtual machine record under Computers and activated it. The same behavior did not occur if a virtual machine was not using FQDN. Note: This issue was not reported when vCloud Director was used in a multi-tenant deployment with the VCenter, ESXi, DSVA and VMs imported in the primary tenant of Deep Security Manager and vCloud was added under other tenants (TN). To handle this specific scenario, the dsa_control -a option has been enhanced with a new :noDomain sub-option, which can be used as follows: dsa_control -a dsm://<DSMhostName_or_IPAddress>:4120:noDomain/ Note: The above command needs to be run manually or as a batch job. It cannot be downloaded as an option from a deployment script from the Deep Security Manager console. 2.2 Resolved Known Issues ===================================================================== This release resolves the following issue(s): Issue 1: [DSSEG-726] Linux systems would sometimes hang when the Deep Security Agent's kernel module, dsa_filter, was getting the driver's information from certain network interfaces. Solution 1: The issue is fixed in this release ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [DSSEG-715] Real-time anti-malware scans could not detect virus activity in a docker container under devicemapper. Solution 2: The issue is fixed in this release ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 3: [DSSEG-703] When the Deep Security Agent generated Web Threat Protection (WTP) syslog messages, it did not follow the syslog format. When the syslog is set to "direct forward" from the agent, the log message should be Common Event Format (CEF). Solution 3: This issue is fixed in this release. The WRS Syslog format is now CEF. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 4: [DSSEG-222] In certain situations, if an Intrusion Prevention event was already sent to the Deep Security Manager, then restarting the Deep Security Agent service would send the event to the Deep Security Manager again, causing duplicate events to appear in the Deep Security Manager console on the Intrusion Prevention Events page. Solution 4: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~