Deep Security 10.1 has reached end of support. Use the version selector (above) to see more recent versions of the Help Center.
What's new?
Deep Security 10.1 feature release
Below are major changes in Deep Security 10.1, which is a feature release (see Deep Security Feature Releases for details about feature release support).
Feature | Description | Minimum required agent or virtual appliance |
---|---|---|
Identity provider support via SAML 2.0 | When Deep Security is deployed and configured to work with your identity provider, there is no longer a need to manage administrative users directly in Deep Security. In addition, you can leverage features of your IdP, such as password strength and change enforcement, one-time password (OTP), and two-factor or multi-factor authentication (2FA/MFA) when signing in to Deep Security using SAML. Supported identity providers include Active Directory Federation Services (ADFS), Okta, PingOne, and Shibboleth. For more information, see How SAML single sign-on works. |
|
Single deployment script for Windows and Linux | Deep Security Manager now provides a single curl deployment script for both Windows and Linux agents and enables you to add a proxy setting. For more information, see Deep Security Manager uses TLS 1.2. |
|
PostgreSQL support | Deep Security 10.1 supports the use of PostgreSQL as a low-cost database option. This option is supported only with new installations of Deep Security 10.1. For more information, see |
|
SQL Server Express support | Deep Security 10.1 supports the use of SQL Server Express in certain limited deployments. For details, see Microsoft SQL Server Express considerations. |
|
Docker enhancements | Deep Security 10.1 continues to build on the feature set introduced in Deep Security 10.0. Enhancements include container information for anti-malware events. |
|
News feed | The news feed feature enables you to stay up-to-date on product related topics. For more information, see How do I get news about Deep Security? |
|
Application control - new platform support | Application control, which was introduced in Deep Security 10.0, is now supported on Windows and additional Linux platforms. For details, see Supported features by platform. |
|
Computers page enhancements | Changes to the Computers page in the Deep Security Manager provide a more intuitive experience and improved page responsiveness. |
|
Time-boxed anti-malware scans | You can now specify a timeout value for scheduled malware scans. (Go to Administration > Scheduled Tasks and add or edit a Scan Computers for Malware scheduled task.) The timeout option is available for daily, weekly, monthly, and once-only scans. When a scheduled malware scan is running and the timeout limit has been reached, any tasks that are currently running or pending will be canceled. Combined with a start time setting, scans can now be time-boxed so they can run exclusively during non-impacting hours. |
|
Zero impact network driver install | Agent upgrades no longer cause a brief server network disconnect. This allows non-disruptive upgrades on production networks. |
|
New support for AIX 7.2 | You can use the Deep Security 9.0 Agent for AIX 7.1 to provide protection on AIX 7.2. |
|
New support for Debian 8 | There is a new Deep Security 10.0 Agent for Debian 8. |
|
Real-time anti-malware scans for Oracle Linux | Real-time anti-malware scanning is now supported on Oracle Linux 6 (64-bit) and Oracle Linux 7 (64-bit). |
|
Deep Security 10.0
Below are major changes in Deep Security 10.0.
All Deep Security 10.0 features are supported on 10.1. However, if Deep Security Manager 10.1 is installed, then the minimum supported Deep Security Agent or Deep Security Virtual Appliance version is 9.6. Deep Security Manager 10.1 does not support Deep Security Agent and Deep Security Virtual Appliance 9.5.
Feature | Description | Minimum required agent |
---|---|---|
Better upgrade experience | Significant engineering effort was invested into making upgrades to Deep Security 10.0 smoother than before to help you move on to Deep Security 10.0. We have completely revamped the user upgrade experience by including functionality that checks your currently installed Deep Security components and makes personalized recommendations for your upgrade path. The overall upgrade process is more robust and dependable too. |
|
System requirements |
All system requirements for Deep Security 10.0 are documented in System requirements. |
|
Increase security by using application control | Get visibility into applications running on your systems and detect or block unauthorized software. You have the ability to decide if new applications can be added and safely run on a given workload. Deep Security introduces a simplified application control administration with day-to-day activities minimized through one to many policies, simplified drift timeline and application execution view, and automation through APIs. |
|
Docker deployment protection (containers) | Deep Security 10.0 expands beyond server workloads to protect Docker containers, leveraging proven techniques like anti-malware, IPS and application control to protect dynamic container deployments. Learn more about how we can protect your Docker hosts and containers. |
|
Enhanced anti-malware and ransomware scanning with behavior monitoring | Threat actors are becoming more sophisticated and often use techniques to bypass traditional virus pattern matching. These advanced threats are difficult to detect and require new technology to do so. Deep Security 10.0 provides security settings that you can apply to Windows® computers protected by a Deep Security Agent. These settings enable you to go beyond malware pattern matching and identify suspicious files that could potentially contain emerging malware that hasn’t yet been added to the anti-malware patterns (known as a zero-day attack). |
|
Secure event forwarding to a syslog or SIEM server using Transport Layer Security (TLS) | Deep Security 10.0 can securely forward system and security events to an external Syslog or SIEM server from the Deep Security Manager over TLS, meeting the needs of customers who are governed by compliance standards such as HIPAA and solving both confidentiality and reliability issues. To find out how, see Forward Deep Security events to an external syslog or SIEM server . |
|
Usability enhancements | New user interface
Enhanced visibility across your hybrid cloud environment is provided through an updated, more intuitive user interface (UI). The cleaner and more intuitive UI helps you identify problem areas and begin to remediate them more quickly. The new interface introduces new sophisticated management features to help address the realities of distributed architectures. Smart folders To help organize your personal view of your protected assets, you can create saved searches that allow you to dynamically organize your workloads. You can create logical filters based on properties such as hostname, AWS tags, Azure Resource Groups, vCenter or Active Directory. Smart folders always react to dynamic changes in your cloud environment. See Group computers dynamically with smart folders. Easier to get help Directly from within the Manager you can now search all of the information in our new Help Center (you are on it right now!). All of the content previously contained in the Administrator's Guide and the Installation Guide is also located there and it is all searchable from Google™ search. |
|
Updated cloud connectors |
|
|
Updated support for Oracle® Solaris 10 and 11 servers | The Deep Security Agent for Solaris has been updated for Deep Security 10.0. Anti-malware scanning capabilities are now available for Solaris 10 and 11 servers. |
|
Access events with Amazon Simple Notification Service (Amazon SNS) | If you have an AWS account, you can take advantage of Amazon SNS to publish notifications about Deep Security events and deliver them to subscribers. Learn how to set this up. |
|
Affinity settings: Advanced combined mode | Combined Mode implies a distribution of protection between a Deep Security Virtual Appliance (DSVA) and a Deep Security Agent (DSA). Beginning in Deep Security 10, you are able to specify an "affinity" for each of the protection modules, to specify whether the protection should be provided by the DSA or the DSVA, when both are available. This replaces the Coordinated Mode available in previous releases. For more information, see the Configure protection source settings for protection modules section of Choose agentless vs. combined mode protection |
|
Deep Security Scanner (SAP for Windows) | While anti-malware is now required by most enterprises, there is an additional requirement to safeguard mission-critical environments such as SAP. In SAP deployments, there are many opportunities for customers to upload external files, potentially exposing the SAP NetWeaver® environment to malware that could corrupt an entire database. Deep Security 10.0 provides a security solution that is specifically designed for SAP NetWeaver environments to help protect this mission-critical data and ensure their business is not impacted. Learn more about protecting SAP NetWeaver environments. |
|
Licensing | Deep Security for SAP® has been renamed to Deep Security Scanner but no changes to pricing for this functionality have been made and previous SAP licenses will work to enable Deep Security Scanner functionality. |
|