Configure a web server to provide software updates

Deep Security software updates are normally hosted and distributed by Relays. To deploy a Deep Security Agent on a computer, you must first import the Agent software installer for the platform into Deep Security Manager. Initially, the installer only installs the agent's core functionality. Plug-in modules required for each security feature (intrusion prevention, firewall, etc.) are installed later, when you enable that feature. Deep Security Manager deploys the required plug-in to the computer via the Deep Security Relay. This minimizes the agent's footprint on each computer.

If you already have a web server, you can provide software updates via the web server instead of a Relay. To do this, you must mirror the software repository of the Deep Security Relay on your web server.

Although Deep Security Agents can download their software updates from the web server, at least one Deep Security Relay is still required to distribute security package updates such as anti-malware and IPS signatures.

Web server requirements

Disk Space: 20 GB

Ports: Web server and relay port numbers

Copy the folder structure

Mirror the folder structure of the software repository folder on a Deep Security Relay. Methods vary by platform and network. For example, you could use rsync over SSH for a Linux computer and network that allows SSH.

On Windows, the default location for the Relay's software repository folder is:

C:\ProgramData\Trend Micro\Deep Security Agent\relay\www\dsa\

On Linux, the default location for the Relay's software repository folder is:

 /var/opt/ds_agent/relay/www/dsa/

The structure of the folder is like this:

|-- dsa
|    |-- <Platform>.<Architecture>
|         |--  <Filename>
|         |--  <Filename>
|         |--  ...
|        
|    |-- <Platform>.<Architecture>
|         |--  <Filename>
|         |--  <Filename>
|         |--  ...

For example:

|-- dsa
|    |--  CentOS_6.x86_64
|         |--   Feature-AM-CentOS_6-9.5.1-1097.x86_64.dsp
|         |--   Feature-DPI-CentOS_6-9.5.1-1097.x86_64.dsp
|         |--   Feature-FW-CentOS_6-9.5.1-1097.x86_64.dsp
|         |--   Feature-IM-CentOS_6-9.5.1-1097.x86_64.dsp
|         |--  ...
|        
|    |--  RedHat_EL6.x86_64
|         |--   Agent-Core-RedHat_EL6-9.5.1-1306.x86_64.rpm
|         |--   Feature-AM-RedHat_EL6-9.5.1-1306.x86_64.dsp
|         |--   Feature-DPI-RedHat_EL6-9.5.1-1306.x86_64.dsp
|         |--   Feature-FW-RedHat_EL6-9.5.1-1306.x86_64.dsp
|         |--  ...
|         |--   Plugin-Filter_2_6_32_131_0_15_el6_x86_64-RedHat_EL6-9.5.1-1306.x86_64.dsp
|         |--   Plugin-Filter_2_6_32_131_12_1_el6_x86_64-RedHat_EL6-9.5.1-1306.x86_64.dsp
|         |--  ...
|        
|    |-- Windows.x86_64
|         |--  Agent-Core-Windows-9.5.1-1532.x86_64.msi
|         |--  Agent-Core-Windows-9.5.1-1534.x86_64.msi
|         |--  Feature-AM-Windows-9.5.1-1532.x86_64.dsp
|         |--  Feature-AM-Windows-9.5.1-1534.x86_64.dsp
|         |--  Feature-DPI-Windows-9.5.1-1532.x86_64.dsp
|         |--  Feature-DPI-Windows-9.5.1-1534.x86_64.dsp
|         |--  ...
|         |--  Plugin-Filter-Windows-9.5.1-1532.x86_64.dsp
|         |--  Plugin-Filter-Windows-9.5.1-1534.x86_64.dsp
|         |--  ...

The example above shows only a few files and folders. Inside a complete Deep Security Relay's dsa folder, there are more. If you need to save disk space or bandwidth, you don't need to mirror all of them. You're only required to mirror the files that apply to your computers' platforms.
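One way to confirm that a partial mirror still matches the Relay for the platforms you chose is to compare file hashes. The script below is an added example, not part of the Deep Security product or its documentation. It assumes both trees are readable from one host (for example, a staging copy of the Relay's dsa folder), that files sit directly inside each <Platform>.<Architecture> folder as shown above, and that /var/www/html/dsa is a hypothetical web root.

```python
import hashlib
from pathlib import Path

def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large installers are not read into memory at once."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def index_platform(root: Path, platform: str) -> dict:
    """Map each file name under <root>/<platform>/ to its SHA-256 digest."""
    folder = root / platform
    if not folder.is_dir():
        return {}
    return {p.name: sha256_of(p) for p in folder.iterdir() if p.is_file()}

def compare_mirror(relay_dsa: Path, mirror_dsa: Path, platforms: list) -> dict:
    """Compare the chosen <Platform>.<Architecture> folders of relay and mirror.

    Returns three sorted lists of "platform/filename" entries:
      missing  - on the relay but not on the mirror
      modified - on both, but the contents differ
      extra    - on the mirror only (nothing the relay published)
    """
    report = {"missing": [], "modified": [], "extra": []}
    for platform in platforms:
        src = index_platform(relay_dsa, platform)
        dst = index_platform(mirror_dsa, platform)
        for name in sorted(src.keys() | dst.keys()):
            entry = f"{platform}/{name}"
            if name not in dst:
                report["missing"].append(entry)
            elif name not in src:
                report["extra"].append(entry)
            elif src[name] != dst[name]:
                report["modified"].append(entry)
    return report

if __name__ == "__main__":
    # Assumed paths: the Linux default from this page and a hypothetical web root.
    result = compare_mirror(Path("/var/opt/ds_agent/relay/www/dsa"),
                            Path("/var/www/html/dsa"),
                            ["RedHat_EL6.x86_64", "Windows.x86_64"])
    for kind, entries in result.items():
        for e in entries:
            print(f"{kind}: {e}")
```

Entries under "modified" or "extra" are worth investigating before agents are pointed at the mirror, because agents install whatever the web server serves from these folders.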

Configure agents to use the new software repository

When the mirror on the web server is complete, configure Deep Security Agents to get their software updates from your web server.

  1. On Deep Security Manager, go to Administration > System Settings > Updates.
  2. In the Software Updates section, enter the URL(s) of the mirror folder(s) on your web server(s).
  3. Click Save.

Verify that connectivity between agents and your web server is reliable. If the connection is blocked, agents will instead use the Deep Security Relay.