Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9 公開のお知らせ(2017/06/27):サポート情報 : トレンドマイクロ
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9リリース。
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9 を下記日程にて公開いたします。
■ 公開開始日
2017 年 06 月 27 日 (火)
■ 対象モジュールDeep Security Manager
Deep Security Virtual Appliance
Linux 版 Deep Security Agent
Windows 版 Deep Security Agent
Windows 版 Deep Security Notifier■ 追加機能/修正内容
追加機能や修正内容は付属のReadmeをご覧ください。
※日本語のReadmeは一か月以内を目安に公開いたします。■ 入手方法
本製品の各コンポーネントは最新版ダウンロードページの「統合サーバセキュリティ対策」カテゴリからダウンロードできます。
サポート情報 : トレンドマイクロ
「最新版ダウンロードページ」
Manager
2. What's New ======================================================================== 2.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: [DSSEG-1059] Deep Security Manager now provides a single deployment script for both Windows and Linux and adds the ability to select a proxy setting and add it to the deployment script. Note 1: - For SUSE Linux Enterprise Server 10, the sha256sum command is not added by default. The script can be modified to skip the sha256sum check. - Linux deployment scripts now require that you have curl installed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Enhancement 2: [DSSEG-781/SEG-875] In some environments, the Anti-Malware Solution Platform (AMSP) could cause high disk input/output when the common scan cache was on. Solution 2: By default, the AMSP common scan cache is on. To disable it, open a Windows command prompt on the Deep Security Manager computer, go to the Deep Security Manager root folder, and run this command: dsm_c -action changesetting -name settings.configuration.disableAmspCommonScanCache -value true ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2.2 Resolved Known Issues ===================================================================== This release resolves the following issues: Issue 1: [DSSEG-1125] On the "Deployment Scripts" page, when a user selected a manager proxy that does not require authentication, it would display a command that was not necessary. As a result, the Deep Security Agent sometimes failed to connect via the proxy. Solution 1: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [DSSEG-1108] The "Deployment Scripts" page included a "Proxy to contact Relay(s)" option, which is not supported with Deep Security 9.6. Solution 2: This option has been removed to avoid confusion. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 3: [DSSEG-1060] In previous releases, the Deep Security Manager installer only accepted a colon as the separator in the host name on the Database screen. In a silent install, it was "DatabaseScreen.Hostname=Hostname\IP:Port number". Solution 3: In this release, you can use either a colon or comma as the separator. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 4: [DSSEG-1056/SEG-7464] In Deep Security Manager, the number of rules listed as "Unresolved Recommendations" sometimes did not match the number of rules in the "Recommended for Assignment" list. Solution 4: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 5: [DSSEG-1001] Synchronizing with vCenter sometimes caused an internal deadlock in Deep Security Manager. Solution 5: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 6: [DSSEG-744/SEG-1206] The default ICRC log level for a Deep Security Agent on Linux is "debug", which causes the ds_am-icrc.log file to grow quickly. Solution 6: Change the default ICRC log level to "warn". For a fresh agent installation, the default ICRC log level will be set to "warn" by default. To update an existing agent on Linux: 1. Upgrade the Deep Security Manager to the build that contains the fix. 2. On the Deep Security Manager computer, open a windows command prompt, go to the Deep Security Manager root folder, and run this command: dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value true 3. Upgrade the Deep Security Agent to the build that contains the fix. 4. After the agents are upgraded and the default ICRC log level has been corrected, we recommend that you turn off the key. To do this, go to the Deep Security Manager computer, open a windows command prompt, go to the Deep Security Manager root folder, and run this command: dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value false ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 7: [DSSEG-699] Some users experienced issues with scheduled tasks, where the task was being performed on the wrong day. This was because the task day was scheduled in the timezone of the Deep Security Manager or tenant, which could be significantly different from the user timezone. While the time of day would be correctly converted between the user timezone and the scheduling timezone, in some cases if the conversion caused the day or date to change (for example, Wednesday May 10th 10pm UTC is equivalent to a Thursday May 11th 2am UTC+4), the task would be scheduled 24 hours too early or too late. Solution 7: With this release of Deep Security, all new scheduled tasks are created with a specified associated timezone. This can be edited in the scheduled task properties. Any existing tasks will have schedules displayed in the timezone in which they are currently scheduled (tenant or Deep Security Manager). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Linux 版 Deep Security Agent
2. What's New ======================================================================== 2.1 Enhancements ===================================================================== The following enhancement is included in this release: Enhancement 1: [DSSEG-602/SEG-263] The "ratt" diagnostic tool for Deep Security Agents on Linux did not provide statistics for the display of the different types of generic memory allocation in a driver memory statistics dump. Solution 1: Those statistics are now provided in the "ratt" diagnostic tool. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2.2 Resolved Known Issues ===================================================================== This release resolves the following issues: Issue 1: [DSSEG-1036/SEG-5710/SF00373887] SAP anti-malware feature was not able to recognize an e-mail message (.msg) file and issued "TM_BLOCK_UNSUITABLE_EXTENSION" since it is not a supported MIMETYPE. Solution 1: The SAP anti-malware feature is now able to verify a message file (.msg) as the Microsoft Word (application/msword) MIMETYPE. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [DSSEG-1016] The Deep Security Virtual Appliance's security update failed or VMs were offline because the Scheduler thread exited abnormally. Solution 2: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 3: [DSSEG-999] If the Deep Security Agent failed to download the Kernel Support Package, the agent would not retry the download. Solution 3: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 4: [DSSEG-980] In some circumstances, the kernel module for a Linux version of the Deep Security Agent could be replaced by an earlier version of the kernel support package. Solution 4: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 5: [DSSEG-979] When connections were reset, they were not removed in the kernel module until the connection timed out. This resulted in the maximum number of TCP connections being reached. Solution 5: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 6: [DSSEG-923] Certain types of incoming packets were provided from the Linux Kernel to the Deep Security Agent Network Packet engine without any ethernet header. This caused an error when decoding the packets, causing them to be dropped. Solution 6: The Network Packet engine was modified to detect the absence of the ethernet header and decode the packet correctly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 7: [DSSEG-744/SEG-1206] The default ICRC log level for a Deep Security Agent on Linux is "debug", which causes the ds_am-icrc.log file to grow quickly. Solution 7: Change the default ICRC log level to "warn". For a fresh agent installation, the default ICRC log level will be set to "warn" by default. To update an existing agent on Linux: 1. Upgrade the Deep Security Manager to the build that contains the fix. 2. On the Deep Security Manager computer, open a windows command prompt, go to the Deep Security Manager root folder, and run this command: dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value true 3. Upgrade the Deep Security Agent to the build that contains the fix. 4. After the agents are upgraded and the default ICRC log level has been corrected, we recommend that you turn off the key. To do this, go to the Deep Security Manager computer, open a windows command prompt, go to the Deep Security Manager root folder, and run this command: dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value false ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Windows 版 Deep Security Agent / Relay / Notifier
2. What's New ======================================================================== 2.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: [DSSEG-904] This release of Deep Security Agent adds support for Windows 10 RS2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Enhancement 2: [DSSEG-781/SEG-875] In some environments, the Anti-Malware Solution Platform (AMSP) could cause high disk input/output when the common scan cache was on. Solution 2: By default, the AMSP common scan cache is on. To disable it, open a Windows command prompt on the Deep Security Manager computer, go to the Deep Security Manager root folder, and run this command: dsm_c -action changesetting -name settings.configuration.disableAmspCommonScanCache -value true ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2.2 Resolved Known Issues ===================================================================== This release resolves the following issues: Issue 1: [DSSEG-1016] The Deep Security Virtual Appliance's security update failed or VMs were offline because the Scheduler thread exited abnormally. Solution 1: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Issue 2: [DSSEG-982/SEG-954/00319947/SEG-954/00319947] Deep Security Agent AMSP module "tmactmon.sys" crashed with a core dump. Solution 2: This issue is fixed in this release. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~