Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 6 公開のお知らせ:サポート情報 : トレンドマイクロ
(情報元のブックマーク数
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 6 リリース。
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 6 を下記日程にて公開いたします。 ■ 公開開始日 2017 年 02 月 22 日 (水) ■ 対象モジュール Deep Security Manager Deep Security Virtual Appliance Linux 版 Deep Security Agent Windows 版 Deep Security Agent Windows 版 Deep Security Notifier ■ 追加機能/修正内容 追加機能や修正内容は付属のReadmeをご覧ください。 ※日本語のReadmeは一か月以内に公開いたします。
サポート情報 : トレンドマイクロ
Windows
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-735]
If a vCloud Director has been added into the Deep
Security Manager under T0, and there is no multi-
tenancy enabled and vCloud Director has Virtual
Machines installed with Deep Security Agents and those
virtual machines are using Fully Qualified Domain Name
(FQDN), then agent-initiated activation using
dsa_control command does not activate the virtual
machine under the vCloud Director, but creates a new
virtual machine record under computers and activates
it. The same behaviour does not occur if virtual
machine is not using FQDN.
Note 1: This issue is not being reported if vCloud Director is
being used under multi-tenant deployment with VCenter,
ESXi, DSVA and VMs imported in T0 of DSM and vCloud is
being added under TN. To handle this specific
scenario, dsa_control -a option has been appended and
added with "FQDN:false" sub-option which can be used
as follows:
dsa_control –a dsm://<DSMhostName_or_IPAddress>:4120:/ "FQDN:false"
Note 1: The above command needs to be run manually or as a
batch job, but cannot be downloaded as an option from
deployment script from Deep Security Manager's
Console.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-717]
Deep Security Agent should allow you to enable the
Windows Firewall by creating a ds_agent.ini file that
contains: dsp.fwdpi.disableNativeFirewall=false
This setting did not work.
Solution 1: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-703]
When the Deep Security Agent generated Web Threat
Protection (WTP) syslog messages, it did not follow
the syslog format. When the syslog is set to "direct
forward" from the agent, the log message should be
Common Event Format (CEF).
Solution 2: This issue is fixed in this release. The WRS Syslog
format is now CEF.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-222]
In certain situations, if a DPI event was already sent
to the Deep Security Manager, then restarting the Deep
Security Agent service would send the event again to
the Deep Security Manager again, causing duplicate
events to appear in the Deep Security Manager console,
on the DPI events tab.
Solution 3: This issue has been fixed in the current release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Linux
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-735]
Unexpected behavior was observed under these
circumstances:
- a vCloud Director was added into Deep Security
Manager under the primary tenant (t0)
- multi-tenancy was not enabled
- vCloud Directory had virtual machines installed
with Deep Security Agents
- the virtual machines were using Fully Qualified
Doman Names (FQDN)
Under those circumstances, agent-initiated activation
using the dsa_control command did not activate the
virtual machine under the vCloud Director, but created
a new virtual machine record under Computers and
activated it. The same behavior did not occur if a
virtual machine was not using FQDN.
Note:
This issue was not reported when vCloud Director
was used in a multi-tenant deployment with the
VCenter, ESXi, DSVA and VMs imported in the primary
tenant of Deep Security Manager and vCloud was added
under other tenants (TN).
To handle this specific scenario, the dsa_control -a
option has been enhanced with a new :noDomain
sub-option, which can be used as follows:
dsa_control -a dsm://<DSMhostName_or_IPAddress>:4120:noDomain/
Note:
The above command needs to be run manually or as a
batch job. It cannot be downloaded as an option from
a deployment script from the Deep Security Manager
console.
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-726]
Linux systems would sometimes hang when the Deep
Security Agent's kernel module, dsa_filter, was
getting the driver's information from certain network
interfaces.
Solution 1: The issue is fixed in this release
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-715]
Real-time anti-malware scans could not detect virus
activity in a docker container under devicemapper.
Solution 2: The issue is fixed in this release
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-703]
When the Deep Security Agent generated Web Threat
Protection (WTP) syslog messages, it did not follow
the syslog format. When the syslog is set to "direct
forward" from the agent, the log message should be
Common Event Format (CEF).
Solution 3: This issue is fixed in this release. The WRS Syslog
format is now CEF.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 4: [DSSEG-222]
In certain situations, if an Intrusion Prevention
event was already sent to the Deep Security Manager,
then restarting the Deep Security Agent service would
send the event to the Deep Security Manager again,
causing duplicate events to appear in the Deep
Security Manager console on the Intrusion Prevention
Events page.
Solution 4: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~