Change the payment type of your Deep Security AMI from AWS Marketplace installation

To change your Deep Security AMI from AWS Marketplace payment type, you need to perform the following steps:

  1. Modify the Deep Security Manager database.
  2. Install Deep Security Manager.
  3. Delete previous Deep Security Manager instances.

Modify the Deep Security Manager database

We strongly recommend that you back up your database before proceeding with the upgrade. Installations with embedded databases cannot be migrated from Pay Per Use (Deep Security (Classic)) to another payment type.

  1. SSH into Deep Security Manager and run the following command:

    service dsm_s stop

  2. Run the command from the table below that corresponds with the payment type you want to switch to:

    Payment type Command
    Pay Per Use sudo /opt/dsm/dsm_c -action changesetting -name com.trendmicro.ds.awsmarketplace:settings.configuration.productCode -value 997ioknddq6g16v8h8iqv5qg3
    AWS Marketplace Billing sudo /opt/dsm/dsm_c -action changesetting -name com.trendmicro.ds.awsmarketplace:settings.configuration.productCode -value cqcvf9f0ugw8rkbgmf1c9dtxu
    Bring Your Own License sudo /opt/dsm/dsm_c -action changesetting -name com.trendmicro.ds.awsmarketplace:settings.configuration.productCode -value 9sc4t8suhxrja5nkxqdrnuue5

  3. Run the following command to verify that Deep Security Manager is using the correct payment option:

    sudo /opt/dsm/dsm_c -action viewsetting -name com.trendmicro.ds.awsmarketplace:settings.configuration.productCode

Install Deep Security Manager

  1. Deploy a new instance of Deep Security Manager using the latest version from the AWS Marketplace.

    If you are using Deep Security Marketplace metered billing, you cannot launch the new Deep Security AMI until you have configured the AWS Identity and Access Management (IAM) settings for the instance.
    The new instance of the Deep Security Manager must either be configured for load balancing or have the same network address or DNS host name as the previous Deep Security Manager instance.

  2. Start the instance, go to https://<host or IP>:8080, enter the Instance ID, and click Sign In.

    The Deep Security setup page appears.

  3. Read and accept the terms of the license agreement on the License Agreement tab and click Next.

  4. Enter the configuration parameters of your existing Deep Security database on the Database tab and click Next.

  5. Click Upgrade on the Previous Version Check tab and click Next.

  6. On the Ports tab, type the host name or IP address of the computer you are installing Deep Security Manager on, and then click Next.

    The Manager Address must be either a resolvable host name, a fully qualified domain name, or an IP address. If DNS is not available in your environment or if some computers are unable to use DNS, a fixed IP address should be used instead of a host name. You can also change the default communication ports. See Port numbers, URLs, and IP addresses.

  7. Click Next on the Credentials tab.

    The existing credentials will stay the same.

  8. Review the installation settings on the Review Settings tab to ensure that they are correct, and then click Install.

    The Deep Security Status page will show that the Deep Security Manager is being installed. When the installation is complete, Deep Security Manager will be displayed.

Delete previous Deep Security Manager instances

  1. Log in to Deep Security Manager and delete the computer records for any old Deep Security Manager installations by clicking the Computers tab, selecting the record, and clicking Delete on the toolbar.

  2. Delete old manager nodes by going to the Administration tab in Deep Security Manager, selecting Manager Nodes in the left-hand navigation menu, opening the Properties dialog for each old manager node (Status: "Offline (Upgrade Required)"), and clicking Decommission.

  3. Delete your old Deep Security Manager instances by right-clicking on the instance from the AWS console and selecting Instance State > Terminate.