Deep Security 11.2 has reached end of support. Use the version selector (above) to see more recent versions of the Help Center.

About upgrades

To ensure maximum protection, upgrade your software, security rules and malware patterns when updates are available. Upgrade types include:

Software update: A package of new software such as the Deep Security Manager, Agent and Relay. See Upgrade the Deep Security Manager AMI and Update the Deep Security Agent.
Security update: An update to the security rules and malware patterns that Deep Security uses to identify potential threats. See Get and distribute security updates.

Relays distribute both software updates and security updates to your agents. Software updates (but not security updates) can alternatively be distributed by a local mirror web server.

All Deep Security Relays must be upgraded before upgrading the Deep Security Agent. Failure to do so may cause the relay upgrade to fail.

In this topic:

How agents validate the integrity of updates
How Deep Security Manager checks for software updates

How agents validate the integrity of updates

All security updates are verified for integrity by Deep Security using methods that include digital signatures and checksums (hashes) as well as other, non-disclosed methods. Software updates are digitally signed.

If you want to manually validate signatures or the checksums available on the Download Center, you can also use a tool such as:

sha256sum (Linux)
Checksum Calculator (Windows)
jarsigner (Java Development Kit (JDK))

For example, you could enter this command to verify a download's signature:

jarsigner -verify <filename>.zip

How Deep Security Manager checks for software updates

Deep Security Manager periodically connects to Trend Micro update servers to check for updates to software that you have imported into the Deep Security Manager database, such as:

Deep Security Agent
Deep Security Manager

The check is made against the local inventory, not against what is available on the Download Center. (There is a separate alert for new software on the Download Center.)

Deep Security will only inform you of minor version updates-not major-of software.
For example, if you have agent version 9.6.100, and Trend Micro releases agent version 9.6.200, an alert will tell you that software updates are available. However, if Trend Micro then releases agent version 10.0.xxx (a major version difference) and you don't have any 10.0 agents in the database, no alert will appear (even though 10.0is newer than 9.6.100).

An alert on the manager will notify you that software updates are available. The "Trend Micro Download Center" section on Administration > Updates > Software also indicates whether there are updates available. Once you import (download) software into the Deep Security Manager database, you can upgrade the software in your deployment. See Update the Deep Security Agent.

To see all software packages that are available for download (even if you haven't imported it before), go to Administration > Updates > Software > Download Center.

To determine when the last check was performed, whether it was successful, or to manually initiate a check for updates, go to Administration > Updates > Software and view the "Deep Security" section. If you have configured a scheduled task to check for updates, the date and time of the next scheduled check is also listed here. See Schedule Deep Security to perform tasks.

When imported, software is stored in the Deep Security Manager database. Imported software is periodically replicated to relay-enabled agents.