Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9 公開のお知らせ(2017/06/27):サポート情報 : トレンドマイクロ
(情報元のブックマーク数
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9リリース。
Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9 を下記日程にて公開いたします。
■ 公開開始日
2017 年 06 月 27 日 (火)
■ 対象モジュールDeep Security Manager
Deep Security Virtual Appliance
Linux 版 Deep Security Agent
Windows 版 Deep Security Agent
Windows 版 Deep Security Notifier■ 追加機能/修正内容
追加機能や修正内容は付属のReadmeをご覧ください。
※日本語のReadmeは一か月以内を目安に公開いたします。■ 入手方法
本製品の各コンポーネントは最新版ダウンロードページの「統合サーバセキュリティ対策」カテゴリからダウンロードできます。
サポート情報 : トレンドマイクロ
「最新版ダウンロードページ」
Manager
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancements are included in this release:
Enhancement 1: [DSSEG-1059]
Deep Security Manager now provides a single
deployment script for both Windows and Linux and adds
the ability to select a proxy setting and add it to
the deployment script.
Note 1: - For SUSE Linux Enterprise Server 10, the
sha256sum command is not added by default. The
script can be modified to skip the sha256sum check.
- Linux deployment scripts now require that you
have curl installed.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 2: [DSSEG-781/SEG-875]
In some environments, the Anti-Malware Solution
Platform (AMSP) could cause high disk input/output
when the common scan cache was on.
Solution 2: By default, the AMSP common scan cache is on. To
disable it, open a Windows command prompt on the Deep
Security Manager computer, go to the Deep Security
Manager root folder, and run this command:
dsm_c -action changesetting -name settings.configuration.disableAmspCommonScanCache -value true
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issues:
Issue 1: [DSSEG-1125]
On the "Deployment Scripts" page, when a user
selected a manager proxy that does not require
authentication, it would display a command that was
not necessary. As a result, the Deep Security Agent
sometimes failed to connect via the proxy.
Solution 1: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-1108]
The "Deployment Scripts" page included a "Proxy to
contact Relay(s)" option, which is not supported with
Deep Security 9.6.
Solution 2: This option has been removed to avoid confusion.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-1060]
In previous releases, the Deep Security Manager
installer only accepted a colon as the separator in
the host name on the Database screen. In a silent
install, it was
"DatabaseScreen.Hostname=Hostname\IP:Port number".
Solution 3: In this release, you can use either a colon or comma
as the separator.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 4: [DSSEG-1056/SEG-7464]
In Deep Security Manager, the number of rules listed
as "Unresolved Recommendations" sometimes did not
match the number of rules in the "Recommended for
Assignment" list.
Solution 4: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 5: [DSSEG-1001]
Synchronizing with vCenter sometimes caused an
internal deadlock in Deep Security Manager.
Solution 5: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 6: [DSSEG-744/SEG-1206]
The default ICRC log level for a Deep Security Agent
on Linux is "debug", which causes the ds_am-icrc.log
file to grow quickly.
Solution 6: Change the default ICRC log level to "warn". For a
fresh agent installation, the default ICRC log level
will be set to "warn" by default. To update an
existing agent on Linux:
1. Upgrade the Deep Security Manager to the build
that contains the fix.
2. On the Deep Security Manager computer, open a
windows command prompt, go to the Deep Security
Manager root folder, and run this command:
dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value true
3. Upgrade the Deep Security Agent to the build that
contains the fix.
4. After the agents are upgraded and the default
ICRC log level has been corrected, we recommend
that you turn off the key. To do this, go to the
Deep Security Manager computer, open a windows
command prompt, go to the Deep Security Manager
root folder, and run this command:
dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value false
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 7: [DSSEG-699]
Some users experienced issues with scheduled tasks,
where the task was being performed on the wrong day.
This was because the task day was scheduled in the
timezone of the Deep Security Manager or tenant,
which could be significantly different from the user
timezone. While the time of day would be correctly
converted between the user timezone and the
scheduling timezone, in some cases if the conversion
caused the day or date to change (for example,
Wednesday May 10th 10pm UTC is equivalent to a
Thursday May 11th 2am UTC+4), the task would be
scheduled 24 hours too early or too late.
Solution 7: With this release of Deep Security, all new scheduled
tasks are created with a specified associated
timezone. This can be edited in the scheduled task
properties. Any existing tasks will have schedules
displayed in the timezone in which they are currently
scheduled (tenant or Deep Security Manager).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Linux 版 Deep Security Agent
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement is included in this release:
Enhancement 1: [DSSEG-602/SEG-263]
The "ratt" diagnostic tool for Deep Security Agents
on Linux did not provide statistics for the display
of the different types of generic memory allocation
in a driver memory statistics dump.
Solution 1: Those statistics are now provided in the "ratt"
diagnostic tool.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issues:
Issue 1: [DSSEG-1036/SEG-5710/SF00373887]
SAP anti-malware feature was not able to recognize an
e-mail message (.msg) file and issued
"TM_BLOCK_UNSUITABLE_EXTENSION" since it is not a
supported MIMETYPE.
Solution 1: The SAP anti-malware feature is now able to verify a
message file (.msg) as the Microsoft Word
(application/msword) MIMETYPE.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-1016]
The Deep Security Virtual Appliance's security update
failed or VMs were offline because the Scheduler
thread exited abnormally.
Solution 2: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-999]
If the Deep Security Agent failed to download the
Kernel Support Package, the agent would not retry the
download.
Solution 3: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 4: [DSSEG-980]
In some circumstances, the kernel module for a Linux
version of the Deep Security Agent could be replaced
by an earlier version of the kernel support package.
Solution 4: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 5: [DSSEG-979]
When connections were reset, they were not removed in
the kernel module until the connection timed out.
This resulted in the maximum number of TCP
connections being reached.
Solution 5: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 6: [DSSEG-923]
Certain types of incoming packets were provided from
the Linux Kernel to the Deep Security Agent Network
Packet engine without any ethernet header. This
caused an error when decoding the packets, causing
them to be dropped.
Solution 6: The Network Packet engine was modified to detect the
absence of the ethernet header and decode the packet
correctly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 7: [DSSEG-744/SEG-1206]
The default ICRC log level for a Deep Security Agent
on Linux is "debug", which causes the ds_am-icrc.log
file to grow quickly.
Solution 7: Change the default ICRC log level to "warn". For a
fresh agent installation, the default ICRC log level
will be set to "warn" by default. To update an
existing agent on Linux:
1. Upgrade the Deep Security Manager to the build
that contains the fix.
2. On the Deep Security Manager computer, open a
windows command prompt, go to the Deep Security
Manager root folder, and run this command:
dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value true
3. Upgrade the Deep Security Agent to the build that
contains the fix.
4. After the agents are upgraded and the default
ICRC log level has been corrected, we recommend
that you turn off the key. To do this, go to the
Deep Security Manager computer, open a windows
command prompt, go to the Deep Security Manager
root folder, and run this command:
dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value false
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Windows 版 Deep Security Agent / Relay / Notifier
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancements are included in this release:
Enhancement 1: [DSSEG-904]
This release of Deep Security Agent adds support for
Windows 10 RS2.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 2: [DSSEG-781/SEG-875]
In some environments, the Anti-Malware Solution
Platform (AMSP) could cause high disk input/output
when the common scan cache was on.
Solution 2: By default, the AMSP common scan cache is on. To
disable it, open a Windows command prompt on the Deep
Security Manager computer, go to the Deep Security
Manager root folder, and run this command:
dsm_c -action changesetting -name settings.configuration.disableAmspCommonScanCache -value true
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issues:
Issue 1: [DSSEG-1016]
The Deep Security Virtual Appliance's security update
failed or VMs were offline because the Scheduler
thread exited abnormally.
Solution 1: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-982/SEG-954/00319947/SEG-954/00319947]
Deep Security Agent AMSP module "tmactmon.sys"
crashed with a core dump.
Solution 2: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deep Security Virtual Applianceのreadme.txtが見当たらないのは仕様なのか・・・
