Trend Micro Deep Security 10.0 Update 8 公開のお知らせ:サポート情報 : トレンドマイクロ
(情報元のブックマーク数 
Trend Micro Deep Security 10.0 Update 8 リリース。
Deep Security 10.0 Update 8 のモジュールを公開いたします。
■ 公開開始日2018 年 3 月 1 日 (木)
■ 対象モジュール
Deep Security Manager
Deep Security Virtual Appliance
Linux 版 Deep Security Agent
Unix 版 Deep Security Agent
Windows 版 Deep Security Agent
Windows 版 Deep Security Notifier
■ 追加機能/修正内容追加機能や修正内容は付属の Readme をご覧ください。
サポート情報 : トレンドマイクロ
※日本語のReadmeは一か月以内を目安に公開いたします。
Deep Security Manager 10.0 Update8
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
There is one enhancement in this release:
Enhancement 1: [DSSEG-1981]
This release adds support for Amazon Linux 2.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-1941/SEG-21111]
When a database error was encountered while upgarding
the schema for a T0 (primary tenant) database, the
installer would continue the installation process.
This issue could cause the software and database to
have different schema versions.
Solution 2: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-1938]
When multi-tenancy was not enabled, users who were
assigned the "Full Access" role would see some screens
related to multi-tenancy.
Solution 2: This issue is fixed in this release. Screens related
to multi-tenancy are displayed only in a multi-tenant
environment.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-1913/SEG-20404]
When Deep Security Manager was running in single-
tenant mode, the Deep Security Agent did not send
events to the syslog server directly.
Solution 3: If you have not encountered this issue in your Deep
Security deployment, this release can prevent it. If
the issue is occuring in your environment, apply this
release and then execute the following command on the
Deep Security Manager computer: dsm_c -action
changesetting -name
"settings.configuration.forceT0SyslogSettings" -value
true
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 4: [DSSEG-1805]
The event "Intrusion Prevention Rule Compilation
Failed" appears when Deep Security Agent tries to
compile intrusion prevention rules but fails. In
previous releases, the warning message was not
dismissed when the agent successfully compiled the
rules on a subsequent attempt.
Solution 4: The warning message is now dismissed automatically.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 5: [DSSEG-1705/603349/SEG-16030]
Deleting inactive AWS hosts in an environment with a
heavy concurrent cloud sync load caused database
transaction deadlocks and prevented other operations
from saving changes to the database.
Solution 5: This issue is resolved in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deep Security Virtual Appliance 10.0 Update8
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-1980]
This release adds support for Amazon Linux 2. In order
to use this platform, you need Deep Security Manager
10.0 Update 8 or above.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-2017]
The Linux syslog received many filp_open failure logs
when the ds_agent anti-malware kernel module failed to
open files.
Solution 1: The issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-1992/SEG-22602]
Deep Security Agent incompatibilities with c5 and m5
instance types in AWS Elastic Compute Cloud (EC2)
running Linux operating systems caused an issue where
computers that failed to be correctly identified were
activated outside of an AWS cloud connector, were not
assigned EC2 metadata, and may not have been assigned
the expected security policy. In these cases,
assigning a security policy or relay groups based on
EC2 metadata – using Event Based Tasks (EBT's) for
example - was incorrect. In addition, consumption-
based billing for large instances was incorrect.
Existing EC2 instance types that have Deep Security
Agents already installed or newly deployed are
unaffected.
For details, please refer to:
https://success.trendmicro.com/solution/1119433
Solution 2: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-1974/SEG-23241/SEG-6472/SEG-6201/SEG-19649]
When the kernel module (gsch) in the Deep Security
Agent anti-malware feature on Linux was loaded and
hooked a system call, and then the gsch module was
unloaded or the anti-malware feature was disabled,
this caused a system crash if another vendor's kernel
module was hooking the system call later than the gsch
driver.
Solution 3: The issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deep Security Virtual Appliance 10.0 Update8
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-1980]
This release adds support for Amazon Linux 2. In order
to use this platform, you need Deep Security Manager
10.0 Update 8 or above.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-2017]
The Linux syslog received many filp_open failure logs
when the ds_agent anti-malware kernel module failed to
open files.
Solution 1: The issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-1992/SEG-22602]
Deep Security Agent incompatibilities with c5 and m5
instance types in AWS Elastic Compute Cloud (EC2)
running Linux operating systems caused an issue where
computers that failed to be correctly identified were
activated outside of an AWS cloud connector, were not
assigned EC2 metadata, and may not have been assigned
the expected security policy. In these cases,
assigning a security policy or relay groups based on
EC2 metadata – using Event Based Tasks (EBT's) for
example - was incorrect. In addition, consumption-
based billing for large instances was incorrect.
Existing EC2 instance types that have Deep Security
Agents already installed or newly deployed are
unaffected.
For details, please refer to:
https://success.trendmicro.com/solution/1119433
Solution 2: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-1974/SEG-23241/SEG-6472/SEG-6201/SEG-19649]
When the kernel module (gsch) in the Deep Security
Agent anti-malware feature on Linux was loaded and
hooked a system call, and then the gsch module was
unloaded or the anti-malware feature was disabled,
this caused a system crash if another vendor's kernel
module was hooking the system call later than the gsch
driver.
Solution 3: The issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Linux 版 Deep Security Agent / Relay 10.0 Update8
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-1980]
This release adds support for Amazon Linux 2. In order
to use this platform, you need Deep Security Manager
10.0 Update 8 or above.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-2017]
The Linux syslog received many filp_open failure logs
when the ds_agent anti-malware kernel module failed to
open files.
Solution 1: The issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-1992/SEG-22602]
Deep Security Agent incompatibilities with c5 and m5
instance types in AWS Elastic Compute Cloud (EC2)
running Linux operating systems caused an issue where
computers that failed to be correctly identified were
activated outside of an AWS cloud connector, were not
assigned EC2 metadata, and may not have been assigned
the expected security policy. In these cases,
assigning a security policy or relay groups based on
EC2 metadata – using Event Based Tasks (EBT's) for
example - was incorrect. In addition, consumption-
based billing for large instances was incorrect.
Existing EC2 instance types that have Deep Security
Agents already installed or newly deployed are
unaffected.
For details, please refer to:
https://success.trendmicro.com/solution/1119433
Solution 2: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-1974/SEG-23241/SEG-6472/SEG-6201/SEG-19649]
When the kernel module (gsch) in the Deep Security
Agent anti-malware feature on Linux was loaded and
hooked a system call, and then the gsch module was
unloaded or the anti-malware feature was disabled,
this caused a system crash if another vendor's kernel
module was hooking the system call later than the gsch
driver.
Solution 3: The issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
UNIX 版 Deep Security Agent 10.0 Update8
2. What's New ======================================================================== 2.1 Enhancements ===================================================================== There are no enhancements in this release. 2.2 Resolved Known Issues ===================================================================== There are no issues fixed in this release.
Windows 版 Deep Security Agent / Relay / Notifier 10.0 Update8
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-1710/SEG-17076/SEG-20229/SEG-13878/SEG-17217/
SEG-20808/DSSEG-1950]
The Anti-Malware Solution Platform (AMSP) module has
been upgraded to version 3.9.1209, which includes
these fixes:
- The ATSE engine detected some normal files as
malicious files. This issues has been fixed.
- The AEGIS engine has been enhanced to catch more high
profile malware.
- When anti-malware real-time scanning was enabled, it
sometimes took a few minutes for the client computer
to extract an archive file. This happened when the
AMSP module received a file event containing a file
name with a short file path to a Windows shared
folder on a network-attached storage server. This
issue has been fixed.
- The eye driver "path normalization function"
sometimes had performance issues on certain machines.
The symptoms varied depending on the environment, but
could include high CPU usage, high memory usage, or a
system hang. The eye driver has implemented
"BypassReparsePointMapping" to prevent these issues.
If you are experiencing this issue, follow these
steps to enable "BypassReparsePointMapping" on your
Deep Security Agent computers:
1. Disable Deep Security Agent self-protection if it
is enabled. For instructions, see
https://success.trendmicro.com/solution/1060690
2. Stop the AMSP service and the Deep Security Agent
service.
3. Add this registry key:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tmevtmgr\Parameters]
DWORD BypassReparsePointMapping = 1
4. With administrator permission, run the following
commands to stop and restart the Trend eye drivers:
sc stop tmactmon
sc stop tmevtmgr
sc stop tmcomm
sc start tmcomm
sc start tmevtmgr
sc start tmactmon
5. Start the AMSP service and the Deep Security Agent
service.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
There are no issues fixed in this release.