Deep Security Manager settings properties file

Applies to on-premise Deep Security software installations only

The settings properties file can be used in a command-line installation (silent Install) of the Deep Security Manager. (See Silent Install of Deep Security Manager.)

The format of each entry in the settings property file is:

<Screen Name>.<Property Name>=<Property Value>

The settings properties file has required and optional values.

For optional entries, supplying an invalid value will result in the default value being used.

Required Settings

LicenseScreen

Property Possible Values Default Value
LicenseScreen.License.-1=<value> <AC for all modules> blank

OR

Property Possible Values Default Value
LicenseScreen.License.0=<value> <AC for Anti-Malware> blank
LicenseScreen.License.1=<value> <AC for Firewall/DPI> blank
LicenseScreen.License.2=<value> <AC for Integrity Monitoring> blank
LicenseScreen.License.3=<value> <AC for Log Inspection> blank

CredentialsScreen

Property Possible Values Default Value
CredentialsScreen.Administrator.Username=<value> <username for master administrator> blank
CredentialsScreen.Administrator.Password=<value> <password for the master administrator> blank

Optional Settings

LanguageScreen

Property Possible Values Default Value Notes
sys.languageId=<value> en_US
ja
zh_CN
en_US "en_US" = English, "ja" = Japanese, "zh_CN" = Simplified Chinese

UpgradeVerificationScreen

This screen determines what happens if an existing installation is detected.

This setting is not referenced unless an existing installation is detected.
Property Possible Values Default Value
UpgradeVerificationScreen.Overwrite=<value> True
False
False

A True value results in a fresh install with all data in the existing database being discarded. A False value provides the option to repair the existing installation.

If you set this value to True, it will overwrite any existing data in the database. It will do this without any further prompts.

OldDataMigrationScreen

This screen defines the number of days of data to keep. When this setting is 0, all historical data will be kept, but this may increase the amount of time the upgrade will take. During the data migration, the silent install will show the percentage of records migrated at 10% intervals.

This setting is not referenced unless an existing installation is detected and it requires a data migration to upgrade the database schema.
Property Possible Values Default Value
OldDataMigrationScreen.HistoricalDays=<value> Any integer 0

DatabaseScreen

This screen defines the database type and optionally the parameters needed to access certain database types.

The interactive install provides an "Advanced" dialog to define the instance name and domain of a Microsoft SQL server, but because the unattended install does not support dialogs these arguments are included in the DatabaseScreen settings below.
Property Possible Values Default Value Notes
DatabaseScreen.DatabaseType=<value> Embedded
Microsoft SQL Server
Oracle
Microsoft SQL Server None
DatabaseScreen.Hostname=<value> The name or IP address of the database server
Current host name
Current host name

None

You can specify the port in this entry using the format <hostname>:<port>. Example: example:123

DatabaseScreen.DatabaseName=<value> Any string dsm Not required for Embedded
DatabaseScreen.Transport=<value> Named Pipes
TCP
Named Pipes Required for SQL Server only
DatabaseScreen.Username=<value> Any string blank Username used by the Manager to authenticate to the database server. Must match an existing database account. Note that the Deep Security Manager database permissions will correspond to this user's permissions. For example, if you choose a database account with read-only privileges, the Deep Security Manager will not be able to write to the database. Not required for Embedded. Mandatory for Microsoft SQL Server and Oracle.
DatabaseScreen.Password=<value> Any string blank Password used by the Manager to authenticate to the database server. Not required for Embedded. Mandatory for Microsoft SQL Server and Oracle.
DatabaseScreen.SQLServer.Instance=<value> Any string blank Used only with Microsoft SQL Server, which supports multiple instances on a single server or processor. Only one instance can be the default instance and any others are named instances. If the Deep Security Manager database instance is not the default, enter the name of the instance here. The value must match an existing instance or be left blank to indicate the default instance.
DatabaseScreen.SQLServer.Domain=<value> Any string blank Used only with Microsoft SQL Server. This is the Windows domain used when authenticating to the SQL Server. The DatabaseScreen.Username and DatabaseScreen.Password described above are only valid within the appropriate domain.
DatabaseScreen.SQLServer.UseDefaultCollation=<value> True
False
False Used only with Microsoft SQL Server. Collation determines how strings are sorted and compared. If the value is "False", Deep Security will use Latin1_General_CS_AS for collation on text-type columns. If the value is "True", Deep Security will use the collation method specified by your SQL Server database. For additional information on collation, refer to your SQL Server documentation.

AddressAndPortsScreen

This screen defines the hostname, URL, or IP address of this computer and defines port numbers for the Manager. In the interactive installer this screen also supports the addition of a new Manager to an existing database, but this option is not supported in the unattended install.

Property Possible Values Default Value Notes
AddressAndPortsScreen.ManagerAddress=<value> <hostname, URL or IP address of the Manager host> <current host name> None
AddressAndPortsScreen.ManagerPort=<value> <valid port number> 4119 See Port numbers, URLs, and IP addresses.
AddressAndPortsScreen.HeartbeatPort=<value> <valid port number> 4120 See Port numbers, URLs, and IP addresses.
AddressAndPortsScreen.NewNode=<value> True
False
False True indicates that the current install is a new node. If the installer finds existing data in the database, it will add this installation as a new node. (Multi-node setup is always a silent install). Note: The "New Node" installation information about the existing database to be provided via the DatabaseScreen properties.

CredentialsScreen

Property Possible Values Default Value Notes
CredentialsScreen.UseStrongPasswords=<value> True
False
False True indicates the DSM should be set up to enforce strong passwords

SecurityUpdateScreen

Property Possible Values Default Value Notes
SecurityUpdateScreen.UpdateComponents=<value> True
False
True True will instruct the Deep Security Manager to create a Scheduled Task to automatically check for Security Updates. The Scheduled Task will run when installation is complete.
SecurityUpdateScreen.Proxy=<value> True
False
False True indicates that the Deep Security Manager uses a proxy to connect to the Internet to download Security Updates from Trend Micro.
SecurityUpdateScreen.ProxyType=<value> HTTP
SOCKS4
SOCKS5
blank The protocol used by the proxy.
SecurityUpdateScreen.ProxyAddress=<value> valid IPv4 or IPv6 address or hostname blank The IP or hostname of the proxy.
SecurityUpdateScreen.ProxyPort=<value> integer blank The port number of the proxy. See Port numbers, URLs, and IP addresses.
SecurityUpdateScreen.ProxyAuthentication=<value> True
False
False True indicates that the proxy requires authentication credentials.
SecurityUpdateScreen.ProxyUsername=<value> any string blank The authentication username.
SecurityUpdateScreen.ProxyPassword=<value> any string blank The authentication password.

SoftwareUpdateScreen

Property Possible Values Default Value Notes
SoftwareUpdateScreen.UpdateSoftware=<value> True
False
True True will instruct the Deep Security Manager to create a Scheduled Task to automatically check for Software Updates. The Scheduled Task will run when installation is complete.
SoftwareUpdateScreen.Proxy=<value> True
False
False True indicates that the Deep Security Manager uses a proxy to connect to the Internet to download Software Updates from Trend Micro.
SoftwareUpdateScreen.ProxyType=<value> HTTP
SOCKS4
SOCKS5
blank The protocol used by the proxy.
SoftwareUpdateScreen.ProxyAddress=<value> valid IPv4 or IPv6 address or hostname blank The IP or hostname of the proxy.
SoftwareUpdateScreen.ProxyPort=<value> integer blank The port number of the proxy. See Port numbers, URLs, and IP addresses.
SoftwareUpdateScreen.ProxyAuthentication=<value> True
False
False True indicates that the proxy requires authentication credentials.
SoftwareUpdateScreen.ProxyUsername=<value> any string blank The authentication username.
SoftwareUpdateScreen.ProxyPassword=<value> any string blank The authentication password.

SmartProtectionNetworkScreen

This screen defines whether you want to enable Trend Micro Smart Feedback and optionally your industry.

Property Possible Values Default Value Notes
SmartProtectionNetworkScreen.EnableFeedback=<value> True
False
False True enables Trend Micro Smart Feedback.
SmartProtectionNetworkScreen.IndustryType=<value> Not specified
Banking
Communications and media
Education
Energy
Fast-moving consumer goods (FMCG)
Financial
Food and beverage
Government
Healthcare
Insurance
Manufacturing
Materials
Media
Oil and gas
Real estate
Retail
Technology
Telecommunications
Transportation
Utilities
Other
blank blank corresponds to Not specified

RelayScreen

This screen defines whether you want to install the Deep Security Relay on the same computer as Deep Security Manager.

Property Possible Values Default Value Notes
RelayScreen.Install
  • True
  • False
False

True installs the Deep Security Relay on the Deep Security Manager computer.

False does not install the Deep Security Relay on the Deep Security Manager (silent install), or shows a screen asking you whether you want to install the relay (regular install).

Sample Properties Files

The following is an example of the content of a typical properties file:

AddressAndPortsScreen.ManagerAddress=10.xxx.xxx.xxx
AddressAndPortsScreen.NewNode=True
UpgradeVerificationScreen.Overwrite=False
LicenseScreen.License.-1=XY-ABCD-ABCDE-ABCDE-ABCDE-ABCDE-ABCDE
OldDataMigrationScreen.HistoricalDays=30
DatabaseScreen.DatabaseType=Microsoft SQL Server
DatabaseScreen.Hostname=10.xxx.xxx.xxx
DatabaseScreen.Transport=TCP
DatabaseScreen.DatabaseName=XE
DatabaseScreen.Username=DSM
DatabaseScreen.Password=xxxxxxx
AddressAndPortsScreen.ManagerPort=4119
AddressAndPortsScreen.HeartbeatPort=4120
CredentialsScreen.Administrator.Username=masteradmin
CredentialsScreen.Administrator.Password=xxxxxxxx
CredentialsScreen.UseStrongPasswords=False
SecurityUpdateScreen.UpdateComponents=True
SecurityUpdateScreen.Proxy=False
SecurityUpdateScreen.ProxyType=
SecurityUpdateScreen.ProxyAddress=
SecurityUpdateScreen.ProxyPort=
SecurityUpdateScreen.ProxyAuthentication=False
SecurityUpdateScreen.ProxyUsername=
SecurityUpdateScreen.ProxyPassword=
SoftwareUpdateScreen.UpdateSoftware=True
SoftwareUpdateScreen.Proxy=False
SoftwareUpdateScreen.ProxyType=
SoftwareUpdateScreen.ProxyAddress=
SoftwareUpdateScreen.ProxyPort=
SoftwareUpdateScreen.ProxyAuthentication=False
SoftwareUpdateScreen.ProxyUsername=
SoftwareUpdateScreen.ProxyPassword=
RelayScreen.Install=True
SmartProtectionNetworkScreen.EnableFeedback=False

Installation Output

The following is a sample output from a successful install, followed by an example output from a failed install (invalid license). The [Error] tag in the trace indicates a failure.

Successful Install

Stopping Trend Micro Deep Security Manager Service...
Checking for previous versions of Trend Micro Deep Security Manager...
Upgrade Verification Screen settings accepted...
The installation directory has been set to C:\Program Files\Trend Micro\Deep Security Manager.
Database Screen settings accepted...
License Screen settings accepted...
Address And Ports Screen settings accepted...
Credentials Screen settings accepted...
Security Update Screen settings accepted...
Software Update Screen settings accepted...
Smart Protection Network Screen settings accepted...
All settings accepted, ready to execute...
Extracting files ...
Setting Up...
Connecting to the Database...
Creating the Database Schema...
Creating MasterAdmin Account...
Recording Settings...
Creating Temporary Directory...
Installing Reports...
Installing Modules and Plug-ins...
Creating Help System...
Validating and Applying Activation Codes...
Configure Localizable Settings...
Setting Default Password Policy...
Creating Scheduled Tasks...
Creating Asset Importance Entries...
Creating Auditor Role...
Optimizing...
Importing Software Packages...
Configuring Relay For Install...
Importing Performance Profiles...
Recording Installation...
Clearing Sessions...
Creating Properties File...
Creating Shortcut...
Configuring SSL...
Configuring Service...
Configuring Java Security...
Configuring Java Logging...
Cleaning Up...
Starting Deep Security Manager...
Finishing installation ...

Failed Install

This example shows the output generated when the properties file contained an invalid license string:

Stopping Trend Micro Deep Security Manager Service...
Detecting previous versions of Trend Micro Deep Security Manager...
Upgrade Verification Screen settings accepted...
Database Screen settings accepted...
Database Options Screen settings accepted...
[ERROR] The license code you have entered is invalid.
[ERROR] License Screen settings rejected...
Rolling back changes...