Supported features by platform
The tables below list the features available for each OS platform of Deep Security Agent 11.0:
- Microsoft Windows (11.0 agent)
- Red Hat Enterprise Linux (11.0 agent)
- CentOS Linux (11.0 agent)
- Oracle Linux (11.0 agent)
- SUSE Linux (11.0 agent)
- Ubuntu Linux (11.0 agent)
- Debian Linux (11.0 agent)
- CloudLinux (11.0 agent)
- Solaris (11.0 agent)
- Amazon Linux (11.0 agent)
- Deep Security Virtual Appliance (NSX) (with embedded 11.0 agent)
Older agents are compatible with other platforms (although they don't support new features on Deep Security Manager 11.0). See their Deep Security Agent platforms , Deep Security Agent release notes, and supported features lists:
-
- Deep Security Agent 9.6 Service Pack 1 supported features
Microsoft Windows (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-endation Scan | Relay | Scanner | FIPS mode | |||||||||
| Real-time | On-demand | Real-time | On-demand | ||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File and Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Windows 7 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
| Windows 7 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||
| Windows Server 2008 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
| Windows Server 2008 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||
| Windows Server 2008 R2 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| Windows 8 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
| Windows 8 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||
| Windows 8.1 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
| Windows 8.1 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||
| Windows 10 32 (2) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
| Windows 10 64 (2) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||
| Windows Server 2012 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||
| Windows Server 2012 R2 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| Windows Server Core 2012 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||
| Windows Server Core 2012 R2 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||
| Windows Server 2016 Version 1607 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(3) | ✔ | |
| Windows Server 2016 Version 1709 (RS3) 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||
| Windows Server 2016 Version 1803 (RS4) 64 (5) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||
| Windows Server 2019 Version 1809 64 (5) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Red Hat Enterprise Linux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Red Hat Enterprise Linux 6 32 | ✔ (7) | ✔ | ✔ | ✔ | ✔ | ✔ |
✔ |
✔ |
✔ |
✔ |
||||||||||
| Red Hat Enterprise Linux 6 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
| Red Hat Enterprise Linux 7 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||
| Red Hat Enterprise Linux 8 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||
CentOS Linux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| CentOS 6 32 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ |
✔ |
✔ |
✔ |
✔ |
||||||||||
| CentOS 6 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
| CentOS 7 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
Oracle Linux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Oracle Linux 6 32 | ✔ | ✔ | ✔ | ✔ | ✔ |
✔ |
✔ |
✔ |
✔ |
|||||||||||
| Oracle Linux 6 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
| Oracle Linux 7 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
SUSE Linux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| SUSE Linux Enterprise Server 11 32 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ |
✔ |
✔ |
✔ |
✔ |
||||||||||
| SUSE Linux Enterprise Server 11 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
✔ |
✔ |
✔ |
✔ | ✔ | ✔ | |||||||
| SUSE Linux Enterprise Server 12 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
| SUSE Linux Enterprise Server 15 (64‑bit) | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
Ubuntu Linux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Ubuntu 16 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
| Ubuntu 18 64 (4) | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
Debian Linux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Debian 7 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||||
| Debian 8 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||
| Debian 9 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||
CloudLinux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| CloudLinux 6 64 (6) | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
| CloudLinux 7 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
Solaris (11.0 agent)
See How does agent protection work for Solaris zones? for more on how protection works between Solaris zones.
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | |||||||||
| Real-time | On-demand | Real-time | On-demand | ||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File and Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Solaris 10 (6) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||||
| Solaris 11 (6) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||||
Amazon Linux (11.0 agent)
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | ||||||||||
| Real-time | On-demand | Real-time | On-demand | |||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File Scans | Directory Scans | Scans of Running Services, Processes, Listening Ports | File and Directory Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Amazon Linux 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
| Amazon Linux 2 64 | ✔(7) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔(1) | ✔ |
✔ |
✔ | ✔ | ✔ | ✔ | ✔ | ||||||
Deep Security Virtual Appliance (NSX) (with embedded 11.0 agent)
The list of supported features varies not only by platform, as shown in the table below, but also by NSX license type. For details on which features are supported by your NSX license, see VMware deployments with the virtual appliance and NSX 6.3 or higher.
| Anti-Malware | Web Reputation Service | Firewall | Intrusion
Prevention System |
Integrity
Monitoring |
Log Inspection | Application Control | Recomm-
endation Scan |
Relay | Scanner | FIPS mode | |||||||||
| Real-time | On-demand | Real-time | On-demand | ||||||||||||||||
| Feature set 1 | Feature set 2 | Feature set 1 | Feature set 2 | Unencrypted Traffic | SSL Encrypted Traffic | File and Directory Scans | Scans of Running Services, Processes, Listening Ports | File Scans | Registry Scans | Scans of Running Services, Processes, Listening Ports | |||||||||
| Windows 7 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 7 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows Server 2008 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows Server 2008 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows Server 2008 R2 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 8 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 8 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 8.1 32 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 8.1 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows Server 2012 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows Server 2012 R2 64 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 10 32 (2) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 10 64 (2) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows Server 2016 Version 1803 (RS4) 64 (5) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows Server 2019 Version 1809 64 (5) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Windows 2016 64 (with NSX 6.3.3) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ||||||||||||
| Red Hat Enterprise Linux 6 32 | ✔ | ✔ | ✔ | ||||||||||||||||
| Red Hat Enterprise Linux 6 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| Red Hat Enterprise Linux 7 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| CentOS 6 32 | ✔ | ✔ | ✔ | ||||||||||||||||
| CentOS 6 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| CentOS 7 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| Oracle Linux 6 32 | ✔ | ✔ | ✔ | ||||||||||||||||
| Oracle Linux 6 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| Oracle Linux 7 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| SUSE Linux Enterprise Server 11 32 | ✔ | ✔ | ✔ | ||||||||||||||||
| SUSE Linux Enterprise Server 11 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| SUSE Linux Enterprise Server 12 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| Ubuntu 16 LTS 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| Debian 8 64 | ✔ | ✔ | ✔ | ||||||||||||||||
| Debian 9 64 | ✔ | ✔ | ✔ | ||||||||||||||||
Feature set 1 includes signature-based file scanning, spyware scanning, and document exploit protection.
Feature set 2 includes behavior monitoring, process memory scanning, and registry scanning.
(1) This platform supports enhanced real-time integrity monitoring. It uses the application control driver to provide file monitoring and records who changed a monitored file.
(2) For details about which specific Windows 10 update releases are supported, see Deep Security Support for Windows 10.
(3) Requires Deep Security Agent and Manager 11.0 Update 1 or newer.
(4) Requires Deep Security Agent and Manager 11.0 Update 2 or newer.
(5) Requires Deep Security Agent and Manager 11.0 Update 4 or newer.
(6) Requires Deep Security Agent and Manager 11.0 Update 6 or newer for Solaris 10 and Solaris 11.0–11.3. Requires Deep Security (agent and manager) 11.0 Update 7 or a later update for Solaris 11.4.
(7) Real-time Deep Security Anti-Malware support on Linux depends on the file system hooking implementation. The following table shows compatible file systems:
| File system type | Deep Security Agent version | ||||||
|---|---|---|---|---|---|---|---|
| 11.0 | 10.3 | 10.2 | 10.1 | 10.0 | 9.6 | ||
| Disk file systems | ext2 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| ext3 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| ext4 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| XFS | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| Btrfs | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| VFAT | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| Optical discs | ISO 9660 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Special file systems | tmpfs | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| aufs | ✔ | ✔ | ✔ | ✔ | ✔ | ||
| OverlayFS | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| Network file systems (see Note, below) |
NFSv3 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| NFSv4 | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| SMB | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| CIFS | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
| FTP | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
To protect network file systems, you must select Enable network directory scan in the malware scan configuration. For information, see Scan a network directory (real-time scan only).
