Deep Security 11 has reached end of support. Use the version selector (above) to see more recent versions of the Help Center.

Archived Deep Security Manager release notes

For release notes from the long-term support release, see Deep Security Manager 11.0 readme.

For release note from this year, see What's new in Deep Security Manager?.

Update 1

Enhancement 1: [DSSEG-2574] A new Deep Security feature called "Inactive Agent Cleanup" has been added under System Settings > Agents. Inactive Agent Cleanup automatically deletes computers that have been offline for longer than a configurable period of time.

Enhancement 2: [DSSEG-2582] If you previously added Amazon EC2 instances or Amazon WorkSpaces as individual computers, and they are part of your AWS account, after importing the account the instances are moved into the tree structure during AWS Cloud synchronization, rather than waiting for a heartbeat.

Enhancement 3: [DSSEG-2441] As of Deep Security Manager 11.0 Update 1, when a Deep Security 11.x agent attempts to determine whether software is new or has changed, it will compare only the file's SHA-256 hash and file size (they have a "hash-based" ruleset). Because the rules created by Deep Security 11.x agents compare only the unique hash and file size, a rule will continue to be applied even if the software file is renamed or moved. As a result, using Deep Security 11.x agents reduces the number of software changes that you need to deal with. A Deep Security 10.x agent continues to use a file-based ruleset until it is upgraded to Deep Security 11.0 or newer. When you upgrade an agent to version 11.0 or newer, its ruleset is converted to use hash-based rules. If there are multiple file-based rules for the same hash value, they are consolidated into one hash- based rule. If the rules being consolidated conflict with each other (one rule blocks the file and another allows it), the new hash-based rule will be an "allow" rule.

Enhancement 4: [DSSEG-2427] An addition to the Deep Security SOAP API enables you to retrieve all Intrusion Prevention rules assigned to a specific host, including rules that were assigned manually, as a result of a recommendation scan, or as part of a policy assignment.

Enhancement 5: [DSSEG-2485] EPsecSDK has been upgraded to version 6.4.1.

Issue 1: [DSSEG-2612/SF00991531/SEG-31972] Some computers on the computers page were not being sorted alphabetically.

Issue 2: [DSSEG-2572/SEG-32317/SF01019268] If the Deep Security Agents report events to the Deep Security Manager with data that exceeds the size limitation, the Deep Security Agents show the warning - "Get Events Failed (Internal server error)" on the Deep Security Manager web console. The corresponding system events also indicate an Oracle database error - ORA-01461.

Issue 3: [DSSEG-2508/SEG-28221] A syslog server encountered errors when a hostname contained special characters.

Issue 4: [DSSEG-2507/00916321/SEG-31435] After a rule update was applied, some CVE numbers appeared multiple times on the "Policies > Common Objects > Rules > Intrusion Prevention Rules" page.

Issue 5: [DSSEG-2506] When the regular expression used for an event-based task contained a negation (for example, do not activate a computer name that begins with a particular string), the match results were sometimes not as expected.

Issue 6: [DSSEG-2465/SEG-30293/SF00907480] In Deep Security Manager 11.0, the SQL connection string did not allow special characters like {. When the password used for the Deep Security Manager connection contained {, the Manager could not connect to the database to proceed with an installation or upgrade.

Issue 7: [DSSEG-2415] When using the Tag filter in event reports and dashboard widgets, the event count displayed twice as many events as it should have. This issue is fixed in this release. However, events generated in Deep Security Manager 11.0 will still be counted twice until all references to those events are eventually pruned from the system.

Issue 8: [DSSEG-2409/SEG-13784] When Deep Security Manager processes a heartbeat from a Deep Security Agent on a cloud instance, it may need to acquire a lock to perform rehoming and update tenant host usage. In previous releases, the lock acquiring mechanism in Deep Security Manager could cause a bottleneck, resulting in an increased heartbeat rejection rate and negatively affecting Deep Security Manager performance.

Issue 9: [DSSEG-2360] Deployment scripts created in Deep Security Manager did not detect the correct version of Amazon Linux, resulting in Deep Security Agent for Amazon Linux being installed instead of Deep Security Agent Amazon Linux 2.

Issue 10: [DSSEG-2359] With this release of Deep Security Manager, TLS 1.2 is enforced by default for new installations of the manager. This means you must upgrade all your agents to 10.0+ which is the minimum version that supports TLS 1.2. (For upgrades to Deep Security Manager 11.0 Update 1, your previous deployment's TLS settings are preserved. If TLS 1.0 was allowed before, then it will also be allowed after the upgrade.) For details, see: https://help.deepsecurity.trendmicro.com/11_0/on-premise/tls-version.html A new dsm_c command enables you to change TLS protocol support in Deep Security. You can set the TLS protocol to TLSv1 or TLSv1.2. You can also use the command to display the current TLS setting.

Issue 11: [DSSEG-2218] This release resolved a security vulnerability.

Issue 12: [DSSEG-2581] The "Reactivate Unknown Agents" setting only worked correctly for VMware.

Update 2

Enhancement 1: [DSSEG-2662] In previous releases, the "Check for Security Updates" scheduled task updated all hosts that met the criteria and inserted a "hostComponentUpdate" record for each host. The record was also added for offline hosts, and then deleted after it expired, which is a waste of resources for hosts that remain uncommunicative for a long time. With this release, the scheduled task ignores offline hosts that have been uncommunicative for 30 days or more.

Enhancement 2: [DSSEG-2646] Deep Security Manager will now automatically select a valid manager node for NSX communication.

Enhancement 3: [DSSEG-2615] This release includes enhancements to the Deep Security Manager diagnostics package: - The default file size limit has been increased from 200 MB to 2 GB. - When the verbose option is selected and the diagnostic package generates separate XML files for specific tables, the same information is not repeated in the debug.xml file.

Enhancement 4: [DSSEG-2364] Anti-Malware Scan Engine can be displayed and has the option to enable or disable an Anti-Malware update.

Enhancement 5: [DSSEG-2273] Deep Security Agent is now supported on Ubuntu 18.04. This manager is compatible with the corresponding Deep Security Agent update.

Issue 1: [DSSEG-2680] The previous heartbeat default buffer size (2 KB) was too small in some environments, and could cause the Deep Security Agent to fail to communicate properly with the Deep Security Manager. Solution 1: The socket buffer size for agent-initiated communication is now configurable and the default value has been increased to 32 KB.

Issue 2: [DSSEG-2667/SF00646921/SEG-26000] Microsoft Internet Explorer consumed a large amount of CPU time when accessing the Deep Security Manager console.

Issue 3: [DSSEG-2629] When intrusion prevention events were triggered by the intrusion prevention module rather than by an intrusion prevention rule, a syslog sent via Deep Security Manager would display the severity of the event as 10, but a syslog sent directly from the Deep Security Agent would display the severity as 5. In addition, there was a duplicate protocol name in the protocol field of a syslog forwarded via Deep Security Manager.

Update 3

Enhancement 1: [DSSEG-2684] With this release, customers can add an NSX Manager when Deep Security Manager is operating in FIPS mode. When adding an the NSX Manager to Deep Security Manager, after you enter the NSX Manager information and click "Next", Deep Security Manager gets the NSX server certificate. After adding the vCenter and NSX server successfully, you can install the Deep Security Virtual Appliance and enable FIPS mode for the appliance.

Enhancement 2: [DSSEG-2901] In this release, a time zone improvement has been added to the Deep Security Manager logging.

Enhancement 3: [DSSEG-2724] The version of the Java JRE used in Deep Security Manager has been upgraded to Java 8 u181.

Issue 1: [DSSEG-2929/SEG-36736/01211295/GCC1-1-828168859] The 'Cancel "Upgrade Agent"' button on the 'Actions' tab of the Computer details page did not function properly.

Issue 2: [DSSEG-2892/SEG-37280/SF01255727] Deep Security Manager does not successfully synchronize with Microsoft Azure cloud accounts when Deep Security Manager is using a proxy in an air-gap environment. With this release, Deep Security Manager is able to synchronize when the proxy setting does not contain a credential. However, the Azure connector cannot synchronize successfully with a credential in the proxy setting.

Issue 3: [DSSEG-2855] "User Session Validation Failed" events occurred unexpectedly when the Deep Security Manager sign-in page was accessed.

Issue 4: [DSSEG-2849/SEG-34129] The status of the Deep Security Virtual Appliance displayed as "Managed (VM Stopped)" instead of "Offline" when the Deep Security Virtual Appliance was power off.

Issue 5: [DSSEG-2848] After migrating a virtual machine from one ESX host to another, a duplicate entry for that virtual machine was displayed on the Computers page in Deep Security Manager.

Issue 6: [DSSEG-2791/SEG-13784] Customers were prevented from upgrading Deep Security Manager when their environment contained Deep Security Agents on unsupported platforms. The Deep Security Manager installer no longer performs a pre-check of agents and relays, which unblocks the Deep Security Manager upgrade.

Issue 7: [DSSEG-2701] The Deep Security Manager did not display system event 934 - Software Update: Anti-Malware Windows Platform Update Successful.

Issue 8: [DSSEG-2691] On Linux, Deep Security Manager files were readable by all local users. : The permissions of Deep Security Manager files on Linux have been changed so that they are no longer accessible by local users.

Issue 9: [DSSEG-2812] Beginning with JDK version 8u181, the JVM enforces endpoint identification for LDAPS connections by default. The JVM verifies the server address of an Active Directory connector against the server certificate Common Name (or subjectAltName, if it exists). As a result, if the existing Active Directory connector uses a server address that does not match the certificate CN (or subjectAltName), the connector would not be able to synchronize successfully. When performing a fresh install, endpoint identification is enabled. When performing an upgrade, if any tenants have an existing Active Directory connector (for either a computer or a user) that connects using LDAPS, endpoint identification is disabled. If no Active Directory connector is found, endpoint identification is enabled by default.

Issue 10: [DSSEG-2925] Extra computers were triggered for security updates when a scheduled security update task for a computer group was started.

Issue 11: [DSSEG-2931] Improper database synchronization resulted in the creation of duplicate host records.

Update 4

Enhancement 1: [DSSEG-2784] The versions of Apache Tomcat used in Deep Security Manager have been upgraded to 8.5.34.

Enhancement 2: [DSSEG-2792] A new 'Include time zone in events' check box has been added to the SIEM and syslog configuration in Deep Security Manager under "Administration > System Settings > Event Forwarding > Edit > General" tab.

Enhancement 3: [DSSEG-2993] In a multi-tenant Deep Security Manager environment, alert emails now include the Tenant Name and Tenant ID.

Enhancement 4: [DSSEG-2990] When generating a diagnostics package in Deep Security Manager running on Windows, if you select the "System Information" option, the diagnostics package will now include the manager's msinfo file.

Issue 1: [DSSEG-3068] Deep Security Manager included null pointer exceptions in the server0.log file when "Offline" system events (event ID 730) were set to not record.

Issue 2: [DSSEG-3060] The Terminated Host Purge job occasionally would not remove agents if it encountered a deadlock in the database.

Issue 3: [DSSEG-3027] UNC paths could not be added to Behavior Monitoring Protection Exceptions.

Issue 4: [DSSEG-2996/SF01221054/SEG-37404] The Soap API securityUpdateApply() returned a null pointer exception.

Issue 5: [DSSEG-2956] Previously, deadlock issues occurred when updating activeHostErrors records, which heavily impacted heartbeats.

Issue 6: [DSSEG-2938] The Deep Security Manager could not connect with all AWS WorkSpaces instances.

Issue 7: [DSSEG-2899] The Inactive Agent Cleanup feature sometimes did not wor because the upgrade process inserted null values when migrating data from the hosts table to the hostvolatiles table.

Issue 8: [DSSEG-2900] The Inactive Agent Cleanup feature occasionally would not remove agents if it encountered deadlock in the database.

Issue 9: [DSSEG-2983] Deep Security Manager was not able to synchronize with Azure accounts using the Azure connector in an air-gapped environment. This was because the Azure connector used the ADAL4j library to retrieve the access token. This implementation has a limitation in handling a proxy with username/password authentication, which caused timeout exceptions in air-gaped environments.

Update 5

Enhancement 1: [DSSEG-3217] A column containing the Tenant ID was added to the Security Module Usage Report.

Enhancement 2: [DSSEG-2993/SEG-28030/SF00852527] In a multi-tenant Deep Security Manager environment, alert emails now include the Tenant Name and Tenant ID.

Enhancement 3: [DSSEG-2990] When generating a diagnostics package in Deep Security Manager running on Windows, if you select the "System Information" option, the diagnostics package will now include the manager's msinfo file.

Enhancement 4: [DSSEG-2901] In this release, a time zone improvement has been added to the Deep Security Manager logging.

Enhancement 5: [DSSEG-2792/SEG-35196] A new 'Include time zone in events' check box has been added to the SIEM and syslog configuration in Deep Security Manager under Administration > System Settings > Event Forwarding > Edit > General tab.

Enhancement 6: [DSSEG-2784] The versions of Apache Tomcat used in Deep Security Manager have been upgraded to 8.5.34.

Issue 1: [DSSEG-3145/SEG-34447] The Log Inspection severity clipping feature did not work as expected when forwarding events.

Issue 2: [DSSEG-3143/SEG-41156/01484581] Deep Security Manager sometimes failed to apply a rule update right after deleting some computers.

Issue 3: [DSSEG-3140/1468357/SEG-40727] Deep Security Manager sometimes used high levels of CPU when a very large number of superseded baseline entities were being deleted.

Issue 4: [DSSEG-2983] Deep Security Manager was not able to synchronize with Azure accounts using the Azure connector in an air- gapped environment. This was because the Azure connector used the ADAL4j library to retrieve the access token. This implementation has a limitation in handling a proxy with username/password authentication, which caused timeout exceptions in air-gaped environments. Deep Security Manager now uses the Azure REST API to retrieve the access token. This new implementation works with an authenticated proxy in air-gaped environments.

Issue 5: [DSSEG-2899] The Inactive Agent Cleanup feature sometimes did not work because the upgrade process inserted null values when migrating data from the hosts table to the hostvolatiles table.

Update 6

Enhancement 1: [DSSEG-3220] Added the ability to enforce strong ciphers in Deep Security.

Enhancement 2: [DSSEG-3196] Oracle JRE 8u181 has been replaced with Azul Zulu OpenJDK 8u192.

Enhancement 3: [DSSEG-3160] When a protected ESXi is upgraded to a newer version or a new ESXi version is deployed, Deep Security Manager will automatically detect the ESXi version and add it to the Trend Micro Deep Security service in NSX Manager, which helps to ensure the successful deployment of the related version of dsva.ovf.

Enhancement 4: [DSSEG-2959/SEG-12461] The error handling mechanism for processing events retrieved from a vCenter server has been refined.

Issue 1: [DSSEG-3314] /rest/alerts sometimes returned inaccurate results. Solution 1: Improvements have been made to /rest/alerts to ensure that accurate results are returned.

Issue 2: [DSSEG-3251/SF01373134/SEG-39714] Deep Security Manager showed many Internal Software Error system events when "Events Retrieved" and "Agent/Appliance Error" were not recorded in "System Settings > System Events". Solution 2: This issue is fixed in this release.

Issue 3: [DSSEG-3250/SEG-40884/1475286] The Deep Security Manager shows "Internal server error" when browsing the hosts in the Computers page. Solution 3: This issue is fixed in this release.

Issue 4: [DSSEG-2392/SEG-28457] When agent self-protection was enabled in a policy and the policy was duplicated, the duplicate copy of the policy did not include the correct self-protection password. Solution 4: A duplicate policy now includes the agent self- protection password, if one was specified in the original policy.

Update 7

Enhancement 1: [DSSEG-3414] Updated JRE to the latest Critical Patch Update (8.0.202).

Issue 1: [DSSEG-3395/SEG-43515] When operating Deep Security in multi-tenant mode with the "Allow Tenants to add with Cloud Accounts" option disabled, tenants could still see the "Administration > System Settings > Advanced > Manager AWS Identity" settings. Solution 1: This issue is fixed in this release. When "Allow Tenants to add with Cloud Accounts" is not selected, tenants will not see the "Manager AWS Identity" settings.

Issue 2: [DSSEG-3382/SEG-43686/1609706] In the Deep Security Manager, the Alerts page sometimes displayed an Internal Server Error. Also, the alert totals displayed in the status bar at the bottom of the page were incorrect. Solution 2: This issue is fixed in this release.

Issue 3: [DSSEG-3366] Some translations in the Japanese version of the Deployment Scripts page were inconsistent. Solution 3: This issue is fixed in this release.

Issue 4: [DSSEG-3339/SEG-39776] In Deep Security Manager, when you went to Events Reports > Events > Anti-Malware Events > Identified Files and did an advanced search by Computer IP address, computers with the incorrect IP address were also displayed. Solution 4: The issue is fixed in this release.

Issue 5: [SEG-42234/SEG-38673] When 'Reactivate unknown agents' was enabled, Deep Security Manager was re-activating the embedded agent on the Deep Security Virtual Appliance unnecessarily. Solution 5: This release includes new logic for recognizing the agent when processing heartbeats from the Deep Security Virtual Appliance, which fixes the issue.

Issue 6: [DSSEG-3180/SEG-3153] Sometimes, when a large number of vMotion jobs did not finish normally (such as when the Deep Security Manager service was shut down) new vMotion jobs could not be processed. Other Deep Security Manager jobs were affected as well. Solution 6: The issue is fixed in this release.

Update 8

Enhancement 1: [DSSEG-3546] This release includes security updates. More details will be posted after release at the following link: https://success.trendmicro.com/vulnerability-response

Enhancement 2: [DSSEG-3308/SEG-36501/01231115] Gave the Deep Security Administrator the ability to hide unresolved recommendation scan results from the Intrusion Prevention, Integrity Monitoring and Log Inspection tab in the policy pages. To hide the unresolved recommendation scan results, use the following commands Intrusion Prevention: dsm_c -action changesetting -name com.trendmicro.ds.network: settings.configuration.showUnresolvedRecommendationsIn foInPolicyPage -value false Integrity Monitoring: dsm_c -action changesetting -name com.trendmicro.ds.in tegrity:settings.configuration.showUnresolvedRecommend ationsInfoInPolicyPage -value false Log Inspection: dsm_c -action changesetting -name com.trendmicro.ds.lo ginspection:settings.configuration.showUnresolvedRecom mendationsInfoInPolicyPage -value false

Issue 1: [DSSEG-3538] When customers with a large number of smart folders, computer groups, and policies clicked "Events Reports > Generate Reports" and then quickly switched to the "Recurring Reports" tab before the initial page was fully loaded, Deep Security Manager would display a spinner but the "Recurring Reports" tab was not populated unless the customer returned to the "Single Report" tab and allowed enough time for it to fully load. Solution 1: The Deep Security Manager console has been improved. Instead of presenting "Single Report" and "Recurring Reports" as tabs on the "Generate Reports" page, they are now separate items under "Generate Reports" in the navigation pane, which allows you to access them independently. The solution also makes the initial response of the "Single Report" page visible to the user much earlier and loads the necessary content on demand, significantly reducing latency.

Issue 2: [DSSEG-3443] If you tried to use the new VMware NSX licensing edition, namely NSX Data Center for vSphere 6.4.1+, then Deep Security Manager would only register the Anti-Malware module even if NSX's Network Introspection Service was enabled and allowed for more modules. Solution 2: With this release, Deep Security Manager now supports the new NSX licensing edition, and is able to determine the Deep Security modules supported by each. Further, for any future NSX licensing editions, the Network Introspection Service feature will be registered by default when you deploy Deep Security Manager.

Issue 3: [DSSEG-3373/SEG-38979/01302939] The Deep Security Manager did not properly manage the partition tables in a PostgreSQL database, resulting in many AlertUpdateEvents tables remaining in the database. Solution 3: This issue is fixed in this release.

Issue 4: [DSSEG-3370] An unexpected "Anti-Malware Engine Offline" computer status occurred on the internal virtual machine (VM) created when provisioning a VMware VDI environment. Solution 4: The issue is fixed in this release.

Issue 5: [DSSEG-3234/01484611/SEG-41437] False alerts regarding the license expiration were occasionally raised. Solution 5: This issue is fixed in this release.

Issue 6: [DSSEG-3087/SEG-40021] When a policy was created based on a relay-enabled agent, the policy contained the relay state. All agents that were assigned the policy automatically became relays. Solution 6: This issue is fixed in this release.

Update 9

Issue 1: [DSSEG-3640/SEG-46443/SF01689893] A high event ingest volume sometimes caused deadlocks in Microsoft SQL Server when outdated events were being removed. Solution 1: This issue is fixed in this release.

Issue 2: [DSSEG-3611] When upgrading Deep Security Agent 9.0 for AIX 7.2, Deep Security Manager did not display the latest agent software versions in the 'Agent Version' drop-down list on the 'Upgrade Agent Software' dialog box. Solution 2: This issue is fixed in this release.

Issue 3: [DSSEG-3608] Scheduled Tasks to "Check for Security Updates" now have an optional timeout field, which is used to select the window of time after the scheduled start time in which security updates may be started. Solution 3: This issue is fixed in this release.

Issue 5: [DSSEG-3543/SF00852049/SEG-35448] Event-based tasks with patterns that matched negative regular expressions yielded more accurate matches. Solution 5: This issue is fixed in this release.

Issue 6: [DSSEG-3500/VRTS-3079/01692957] An unexpected privilege escalation sometimes happened when editing Deep Security Manager's contact properties. Solution 6: This issue is fixed in this release.

Update 10

Enhancement 1: [DSSEG-3749] For AWS connector full synchronization, synchronization errors have been isolated from different regions so that the errors will not affect the synchronization of other regions.

Issue 1: [DSSEG-3762/SEG-45663] The encrypted PDF generation process was failing due to a dependency issue for a third party library. Solution 1: This issue is fixed in this release.

Issue 2: [DSSEG-3721/SEG-49499/SF01950008] In Malware Scan Configurations, when the scan type was Manual/Scheduled, the "Spyware/Grayware Scan Enabled" column always displayed "N/A". Solution 2: This issue is fixed in this release.

Issue 3: [DSSEG-3599/01686438/SEG-47152] Application Control events did not include a "Size" column. Solution 3: This issue is fixed in this release.

Update 11

Enhancement 1: [DSSEG-3731] Added the ability to enable or disable Common Scan Cache for each agent through a CLI command.

Issue 1: [DSSEG-3956] If inline synchronization was disabled, a performance issue occurred that was caused by a large volume of inline synchronization to the same AWS cloud account imported to Deep Security Manager. Solution 1: This issue is fixed in this release.

Issue 2: [DSSEG-3858] The "Use Cross Account Role" option on the AWS Connector properties page was not being disabled in some cases. Solution 2: The option is now only enabled for Deep Security Manager instances deployed on AWS or instances where the Manager AWS Identity has been configured.

Issue 3: [DSSEG-3742] The reconnaissance alerts could not be disabled because the toggle was greyed out. Solution 3: This issue is fixed in this release.

Update 13

Issue 1: [DSSEG-4265/SF02060051/SEG-52044] When Deep Security Manager was connected to both a case-sensitive Microsoft SQL database and VMware NSX, the Deep Security Manager upgrade readiness check would sometimes fail and block the upgrade. Solution 1: This issue is fixed in this release.

Issue 2: [DSSEG-3836] The Deep Security Manager console contains links for more information about the Trend Micro Smart Protection Network. Those links pointed to an outdated URL. Solution 2: This issue is fixed in this release.

Issue 3: [DSSEG-3621/SEG-47565] After a large number of vMotion tasks were performed, the Deep Security Manager console sometimes showed duplicate virtual machines in a vCenter connector. Solution 3: This issue is fixed in this release.

Issue 4: [DSSEG-3597/SEG-47565] Anti-Malware Engine status would change to offline when the BIOS UUID of a VMware Virtual Machine was changed. Solution 4: This issue is fixed in this release.

Issue 5: [DSSEG-4322] The latest kernel update for some Linux operating systems, including Red Hat Enterprise Linux 7 and Amazon Linux, made a change that caused failures during agent-initiated communication heartbeats. Solution 5: This issue is fixed in this release.

Update 14

Enhancement 1: [DSSEG-4261] Added support for Deep Security Manager so Oracle Linux 8 is correctly displayed on Computers and Administration > Updates > Local Software.

Enhancement 2: [DSSEG-4493] Added Oracle 18 as a supported database.

Issue 1: [DSSEG-4443] In the Deep Security Manager console, users could not add files in root directory "/" to an exclusion file list. Solution 1: This issue is fixed in this release.

Issue 2: [DSSEG-4330] Selecting "Security updates only" as the update content for a relay group on Administration > Updates > Relay Management > Relay Group Properties did not work as expected. Solution 2: This issue is fixed in this release.

Issue 3: [SF01722554/DSSEG-3723/SEG-41425] Deep Security Agent sometimes went offline when duplicate virtual UUIDs were stored in the database. Solution 3: This issue is fixed in this release.

Issue 4: [DSSEG-2630] The Deep Security Agent's GUID is not included in the Anti-Malware and Web Reputation events when the Deep Security Manager sends those events to the Control Manager. Therefore, the Control Manager can't properly identify the affected hosts when processing the event notifications. Solution 4: This issue is fixed in this release.

Update 15

Enhancement 1: [DSSEG-4571] Updated Deep Security Manager to allow signed agent installers to be exported from the Deep Security Manager or installed via deployment script. The file name of any signed agent installer with extension .rpm now starts with "Agent-PGPCore" instead of "Agent- Core".

Issue 1: [SF02374723/DSSEG-4583/SEG-58761] In the computer or policy editor in Deep Security Manager, under "Anti-Malware > General > Real-Time Scan > Schedule > Edit", the "Assigned To" tab was sometimes empty, even when the schedule was assigned correctly to computers and policies. Solution 1: This issue is fixed in this release.

Issue 2: [DSSEG-4528/02007591/SEG-58268] Deep Security Manager did not prevent the creation of incompatible Intrusion Prevention configurations. Solution 2: This issue is fixed in this release.

Issue 3: [DSSEG-3302] When a virtual machine (VM) was deleted from Horizon or vCenter, the change wasn't immediately synchronized with the Deep Security Virtual Appliance. Because the appliance still had the old protected guest VM status, it would report an unexpected Firewall/DPI engine offline status to the Deep Security Manager when the new VDI machine was created and activated successfully. Solution 3: This issue is enhanced in this release. There still be timing issue when VDI re-provision, the FW/DPI engine offline status will be back online after next heartbeat.

Update 17

Issue 1: [DSSEG-4712/02223786/SEG-55842] The activation code which extended the expiration date license for a multi-tenant account could not be inputted for enabling multi-tenant function because Deep Security Manager did not check the license status online. Solution 1: This issue is fixed in this release.

Issue 2: [DSSEG-4674/SEG-60410/02434648] When a custom Anti-Evasion posture was selected in a parent policy (in the policy editor Settings > Advanced > Network Engine Settings > Anti-Evasion Posture > select 'Custom'), that setting did not appear in the child policies. Solution 2: This issue is fixed in this release.

Issue 3: [SF02339427/DSSEG-4553/SEG-57996] When an invalid or unresolvable SNMP server name was configured in Administration > System Settings > Event Forwarding > SNMP, it caused SIEM and SNS to also fail. Solution 3: This issue has been fixed in this release.

Issue 4: [SF02060199/DSSEG-4131/SEG-52485] Active Directory synchronization sometimes would not finish. Solution 4: This issue is fixed in this release.

Issue 6: [DSSEG-2495] In the File Lists, the Deep Security Manager doesn't accept the Windows file paths that start with a wildcard on the root directory of a file system. Solution 6: This issue is fixed in this release.

Update 18

Enhancement 1: [SF02434919/SEG-61331/DSSEG-4903] Added a progress bar to the Administrator Role page to indicate when the page is still loading.

Issue 1: [DSSEG-4907] The "Activity Overview" widget sometime displayed the incorrect database size.

Issue 2: [SF02578797/SEG-63560/DSSEG-4866] When sorting the "Alert Configuration" page by the "ON" column, the number of alerts was sometimes incorrect.

Issue 3: [DSSEG-4930] Memory threshold alerts were raised despite the system having memory available.

Issue 4: [SEG-57660/DSSEG-4776] Packet data was not included in the exported firewall event CSV file.

Issue 5: [SF02531971/SEG-62740/DSSEG-4823] The computers list did not search for "Software Update Status" correctly. This affected the computers list and the "out-of-date" computer reports and widgets that used it for displaying affected computers.