Trend Micro Deep Security 11.0 Update 3 公開のお知らせ:サポート情報 : トレンドマイクロ

(情報元のブックマーク数

Trend Micro Deep Security 11.0 Update 3リリース、

Deep Security 11.0 Update 3 のモジュールを公開いたします。
■ 公開開始日

2018 年 10 月 24 日 (水)

■ 対象モジュール

Deep Security Manager
Linux 版 Deep Security Agent
Windows 版 Deep Security Agent
Windows 版 Deep Security Notifier
■ 追加機能/修正内容

追加機能や修正内容は付属の Readme をご覧ください。
※日本語のReadmeは一か月以内を目安に公開いたします。

■ 入手方法

Deep Securityヘルプセンターからダウンロードできます。
「Deep Securityヘルプセンター」
また、以下の製品 Q&A も合わせてご参照ください。
Update プログラムとは

サポート情報 : トレンドマイクロ

Deep Security Manager 11.0 Update 3

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancement(s) are included in this release:
   
   Enhancement 1: [DSSEG-2684]
                  With this release, customers can add an NSX Manager
                  when Deep Security Manager is operating in FIPS mode.
                  When adding an the NSX Manager to Deep Security
                  Manager, after you enter the NSX Manager information
                  and click "Next", Deep Security Manager gets the NSX
                  server certificate. After adding the vCenter and NSX
                  server successfully, you can install the Deep Security
                  Virtual Appliance and enable FIPS mode for the
                  appliance.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Enhancement 2: [DSSEG-2901]
                  In this release, a time zone improvement has been
                  added to the Deep Security Manager logging.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Enhancement 3: [DSSEG-2724]
                  The version of the Java JRE used in Deep Security 
		  Manager has been upgraded to Java 8 u181.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issue(s):
   
   Issue 1:       [DSSEG-2929/SEG-36736/01211295/GCC1-1-828168859]
                  The 'Cancel "Upgrade Agent"' button on the 'Actions' 
                  tab of the Computer details page did not function
		          properly.
   
   Solution 1:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
               
   Issue 2:       [DSSEG-2892/SEG-37280/SF01255727]
                  Deep Security Manager does not successfully
                  synchronize with Microsoft Azure cloud accounts when
                  Deep Security Manager is using a proxy in an air-gap
                  environment.
   
   Solution 2:    With this release, Deep Security Manager is able to
                  synchronize when the proxy setting does not contain a
                  credential. However, the Azure connector cannot
                  synchronize successfully with a credential in the
                  proxy setting.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 3:       [DSSEG-2855]
                  "User Session Validation Failed" events occurred
                  unexpectedly when the Deep Security Manager sign-in
                  page was accessed.
   
   Solution 3:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 4:       [DSSEG-2849/SEG-34129]
                  The status of the Deep Security Virtual Appliance
                  displayed as "Managed (VM Stopped)" instead of
                  "Offline" when the Deep Security Virtual Appliance was
                  power off.
   
   Solution 4:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 5:       [DSSEG-2848]
                  After migrating a virtual machine from one ESX host to
                  another, a duplicate entry for that virtual machine
                  was displayed on the Computers page in Deep Security
                  Manager.
   
   Solution 5:    The issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 6:       [DSSEG-2791/SEG-13784]
                  Customers were prevented from upgrading Deep Security
                  Manager when their environment contained Deep Security
                  Agents on unsupported platforms.
   
   Solution 6:    The Deep Security Manager installer no longer performs
                  a pre-check of agents and relays, which unblocks the
                  Deep Security Manager upgrade.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 7:       [DSSEG-2701]
                  The Deep Security Manager did not display system event
                  934 - Software Update: Anti-Malware Windows Platform
                  Update Successful.
   
   Solution 7:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 8:       [DSSEG-2691]
                  On Linux, Deep Security Manager files were readable by
                  all local users.
   
   Solution 8:    The permissions of Deep Security Manager files on
                  Linux have been changed so that they are no longer
                  accessible by local users.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Issue 9:       [DSSEG-2812]
                  Beginning with JDK version 8u181, the JVM enforces 
		          endpoint identification for LDAPS connections by 
		          default. The JVM verifies the server address of an 
        		  Active Directory connector against the server 
        		  certificate Common Name (or subjectAltName, if it
        		  exists). As a result, if the existing Active Directory
        		  connector uses a server address that does not match 
        		  the certificate CN (or subjectAltName), the connector 
        		  would not be able to synchronize successfully.

   Solution 9:    This issue is fixed in this release. When performing a
                  fresh install, endpoint identification is enabled. 
        		  When performing an upgrade, if any tenants have an 
        		  existing Active Directory connector (for either a 
        		  computer or a user) that connects using LDAPS, endpoint
        		  identification is disabled. If no Active Directory 
        		  connector is found, endpoint identification is enabled
        		  by default.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deep Security Agent 11.0 Update 3 for Linux

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancement(s) are included in this release:
   
   Enhancement 1: [DSSEG-2828/SEG-34684]
                  Previously, the network engine would sometimes fill
                  the MAC field in event logs with zeros for outgoing
                  packets, to make the logs easier to read. This release
                  removes this behavior to avoid issues in an overlay
                  network environment. In the event logs, the MAC
                  address for outgoing packets may be empty or contain a
                  random number.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Enhancement 2: [DSSEG-2745/00389528/441559/00513686/00611107/
                   00528775/SF00340345/00425845/538145/SF00374619/
                   SF179909/SF159145/SF318628/00368352]
                  In this release, the Deep Security Agent installer
                  checks the installation platform to prevent
                  installation of an agent that does not match the
                  platform. This feature is supported on: 
                  
                    - Amazon Linux and Amazon Linux 2 
                    - Red Hat Enterprise Linux 6 and 7
                    - CentOS 6 and 7 
                    - Cloud Linux 7 
                    - Oracle Lnux 6 and 7
                    - SUSE Linux Enterprise Server 11 and 12
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Enhancement 3: [DSSEG-2606]
                  The version of OpenSSL used by the Deep Security Agent
                  and Deep Security Relay has been updated
                  to openssl-1.0.2o.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issue(s):
   
   Issue 1:       [DSSEG-2875/SEG-28060/00853021]
                  After upgrading Deep Security Agent from version 9.6
                  to 10.0 on a Linux platform, the Component Set version
                  was not updated, which caused the Security Update
                  Status to display "Out-of-Date".
   
   Solution 1:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:       [DSSEG-2835/SEG-33414/00854640]
                  The Deep Security Agent's CPU usage spiked every 10
                  seconds.
   
   Solution 2:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 3:       [DSSEG-2739]
                  When Deep Security Agent was installed on a virtual
                  machine (VM) and the VM was reverted to an earlier
                  state, Log Inspection event data was not synchronized
                  properly between the Deep Security Agent and Deep
                  Security Manager.
   
   Solution 3:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deep Security Agent 11.0 Update 3 for Windows, and Deep Security Notifier 11.0 Update 3 for Windows

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancement(s) are included in this release:
   
   Enhancement 1: [DSSEG-2769]
                  The Deep Security Agent installer no longer installs
                  all feature modules when the module plug-in files are
                  located in the same folder as the installer. The
                  required plug-in files are downloaded from a Relay
                  when a policy is applied to a protected computer.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Enhancement 2: [DSSEG-2258]
                  The Anti-Malware engine offline error is no longer
		          reported when the computer is preparing to shutdown. 
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Enhancement 3: [DSSEG-2606]
                  The version of OpenSSL used by the Deep Security Agent
                  and Deep Security Relay has been updated
                  to openssl-1.0.2o.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issue(s):
   
   Issue 1:       [DSSEG-2875/SEG-28060/00853021]
                  After upgrading Deep Security Agent from version 9.6
                  to 10.0 on a Linux platform, the Component Set version
                  was not updated, which caused the Security Update
                  Status to display "Out-of-Date".
   
   Solution 1:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:       [DSSEG-2835/SEG-33414/00854640]
                  The Deep Security Agent's CPU usage spiked every 10
                  seconds.
   
   Solution 2:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 3:       [DSSEG-2739]
                  When Deep Security Agent was installed on a virtual
                  machine (VM) and the VM was reverted to an earlier
                  state, Log Inspection event data was not synchronized
                  properly between the Deep Security Agent and Deep
                  Security Manager.
   
   Solution 3:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

screenshot