Trend Micro Deep Security 10.0 Update 14 公開のお知らせ:サポート情報 : トレンドマイクロ
(情報元のブックマーク数 
Trend Micro Deep Security 10.0 Update 14 リリース、
Deep Security 10.0 Update 14 のモジュールを公開いたします。
■ 公開開始日2018 年 9 月 28 日 (金)
■ 対象モジュール
Deep Security Manager
Linux 版 Deep Security Agent
Unix 版 Deep Security Agent
Windows 版 Deep Security Agent
Windows 版 Deep Security Notifier
■ 追加機能/修正内容追加機能や修正内容は付属の Readme をご覧ください。
サポート情報 : トレンドマイクロ
※日本語のReadmeは一か月以内を目安に公開いたします。
Deep Security Manager 10.0 Update 14
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancements are included in this release:
Enhancement 1: [DSSEG-2766]
Deep Security Manager now supports Deep Security Agent
for Debian 9.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 2: [DSSEG-2742]
This release includes enhancements to the Deep
Security Manager diagnostics package:
- The default file size limit has been increased from
200 MB to 2 GB.
- When the verbose option is selected and the
diagnostic package generates separate XML files for
specific tables, the same information is not repeated
in the debug.xml file.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 3: [DSSEG-2365]
Anti-Malware Scan Engine can be displayed and has the
option to enable or disable an update.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issues:
Issue 1: [DSSEG-2702]
The Deep Security Manager did not display system event
934 - Software Update: Anti-Malware Windows Platform
Update Successful.
Solution 1: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-2670]
Deep Security Manager did not allow activation of Deep
Security Agents installed on servers running
Solaris 9.
Solution 2: Deep Security Manager has been modified to allow these
activations.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-2664/SF00646921/SEG-26000]
Microsoft Internet Expolorer consumed a large amount
of CPU time when accessing the Deep Security Manager
console.
Solution 3: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 4: [DSSEG-2645/SEG-13304]
During a graceful Deep Security Manager node shutdown,
if the node was used for NSX communication, the next
manager node was assigned as an NSX communication
node, even if that node was offline.
Solution 4: Deep Security Manager now checks that the next manager
node is online before assigning it as an NSX
communication node.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 5: [DSSEG-2621/SF01034097/SEG-32852]
The Deep Security Agent's GUID is not included in the
Anti-Malware and Web Reputation events when the Deep
Security Manager sends those events to the Control
Manager. Therefore, the Control Manager can't properly
identify the affected hosts when processing the event
notifications.
Solution 5: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 6: [DSSEG-2590]
Collecting a Deep Security Manager diagnostic package
using the dsm_c command with verbose enabled sometimes
failed to include the debug.xml if there were more
than 5000 hosts.
Solution 6: This release has resolved this issue; however, for
larger numbers of hosts (>10 000), the JVM memory for
dsm_c.exe may need to be increased. This is done by
creating a file named dsm_c.vmoptions and including,
for example, "-Xmx2g" to increase memory to 2GB.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 7: [DSSEG-2529/00829419/SEG-28660]
Event Forwarding via Amazon SNS repeatedly caused send
failures because of events with descriptions that were
too long.
Solution 7: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deep Security Agent 10.0 Update 14 for Linux
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-2788]
The Linux Deep Security Agent fresh install will not
download the older version engine from iAU if the Deep
Security Agent Anti-Malware module already includes
the new engine.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 2: [DSSEG-2563]
Deep Security Agent now supports Debian 9. This new
agent is compatible with Deep Security Manager 10.0
Update 12 or later.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 3: [DSSEG-2489]
Anti-Malware Scan Engine can be displayed and has the
option to enable or disable an Anti-Malware update.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-2736/SEG-34502]
When a TCP connection was established with the same
tuples as a previously tracked one, the network engine
could set the connection track to an incorrect status.
This sometimes happened on a busy server where rapid
connections reused a recycled connection. The network
engine treated it as an "Out of connection" error and
dropped the packet.
Solution 1: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-2542/SEG-31883/SF00958979]
An invalid dentry object sometimes caused a kernel
panic.
Solution 2: The issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-2387/SEG-22509/00695358]
In a Red Hat Enterprise Linux 5 or 6 or a CentOS 5 or
6 environment, Integrity Monitoring events related to
the following rule were displayed even if users or
groups were not created or deleted:
1008720 - Users and Groups - Create and Delete
Activity
Solution 3: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 4: [DSSEG-2329/SEG-29194/SF00866327]
Some of the files installed by Deep Security Agent had
incorrect permissions.
Solution 4: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 5: [DSSEG-2313/SEG-26394/815500]
When both Application Control and real-time Anti-
Malware scanning were enabled and either one became
disabled, a system crash would sometimes occur. This
could occur when explicitly disabling either feature
or when:
- stopping the Deep Security Agent service,
- upgrading the Deep Security Agent, or
- restarting a Deep Security Agent computer.
Solution 5: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deep Security Agent 10.0 Update 14 for Windows, and Deep Security Notifier 10.0 Update 14 for Windows
2. What's New
========================================================================
2.1 Enhancements
=====================================================================
The following enhancement(s) are included in this release:
Enhancement 1: [DSSEG-2489]
Anti-Malware scan engine can be displayed and has the
option to enable or disable an Anti-Malware update.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 2: [DSSEG-2321]
The Deep Security Agent installer no longer installs
all feature modules when the module plug-in files are
located in the same folder as the installer. The
required plug-in files are downloaded from a Deep
Security Relay when a policy is applied to a protected
computer.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Enhancement 3: [DSSEG-2256/SEG-27831]
Set the correct installation and upgrade status of
Windows Anti-Malware.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2 Resolved Known Issues
=====================================================================
This release resolves the following issue(s):
Issue 1: [DSSEG-2736/SEG-34502]
When a TCP connection was established with the same
tuples as a previously tracked one, the network engine
could set the connection track to an incorrect status.
This sometimes happened on a busy server where rapid
connections reused a recycled connection. The network
engine treated it as an "Out of connection" error and
dropped the packet.
Solution 1: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 2: [DSSEG-2588]
When the Anti-Malware or Firewall features were
enabled, Deep Security Agent was not registered to the
Windows Security Center on Windows 10 version 1803
(April 2018 Update). This caused the status of anti-
malware and firewall to be incorrect in the Windows
Security Center and Windows Defender Security Center.
Solution 2: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 3: [DSSEG-2407/SEG-29750/SF00874980]
When Deep Security Agent was installed on a virtual
machine (VM) and the VM was reverted to an earlier
state, Log Inspection event data was not synchronized
properly between the Deep Security Agent and Deep
Security Manager.
Solution 3: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue 4: [DSSEG-2313/SEG-26394/815500]
When both Application Control and real-time Anti-
Malware scanning were enabled and either one became
disabled, a system crash would sometimes occur. This
could occur when explicitly disabling either feature
or when:
- stopping the Deep Security Agent service,
- upgrading the Deep Security Agent, or
- restarting a Deep Security Agent computer.
Solution 4: This issue is fixed in this release.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
