View relay groups

Every relay belongs to a relay group, even if the group only has one relay. Relay groups — not individual relays — are assigned to agents and appliances for redundancy: if a relay is offline, another relay in the group can provide updates. By default, all new relays belong to "Default Relay Group." Every Deep Security deployment needs at least one relay group so that your agents and appliances can download security updates and software, but to optimize performance, usually you should have at least 2 relays. For sizing information, see How do relays work?

Trend Micro recommends that agents download updates from a relay group in the same geographic region, preferably the same local network. To do this, you can arrange relay groups in a hierarchy. See Create relay groups.

On Administration > Updates > Relay Groups, you can:

  • Create a New () Relay Group
  • Delete a Relay Group
  • View the Properties() of a Relay Group

Relay Group Properties


General Information: The name and description of the relay group.

Security Updates: Select the source from which this relay group will download and distribute security updates: either Primary Security Update Source (required for Default Relay Group), or a parent relay group.

Default Relay Group will always use the primary security update source defined on Administration > System Settings > Updates. It is usually the Trend Micro Active Update servers, but can be configured to download security updates a local mirror.

Proxies: Specify the proxy server (if any) that relays must use to access the primary security update source.

If the relay group is configured to use the Primary Security Update Source, relays will use this proxy. Otherwise, if this relay group is configured to download security updates from another relay group, relays won't use the proxy unless they can't connect to the parent relay group, and therefore are trying to connect to the Primary Security Update Source.

In Deep Security Agent 10.0 GA and earlier, agents didn't have support for connections through a proxy to relays. If a ruleset download fails due to a proxy, and if your agents require a proxy to access the relay or manager (including Deep Security as a Service), then you must either:

Members: Relays that belong to the group.

Assigned To

This tab shows computers that use this relay group to download software and security updates.