Activate the agent

Before the installed agent can protect its computer or be converted to a relay, you must activate the agent with Deep Security Manager. Activation registers the agent with the manager during an initial communication. To do this, you can either:

  • Activate the agent from the manager. Go to Computers, right-click the computer whose agent or appliance you want to activate or reactivate and select Actions > Activate/Reactivate. (Alternatively, click Activate or Reactivate in the computer's Details window.)
  • Activate the agent on the agent. Run this command:
    dsa_control -a dsm://<dsm_host_or_IP>:<port>/
    where:
    <dsm_host_or_IP> is replaced with the Deep Security Manager hostname or IP address, and
    <port> is replaced with the Deep Security Manager heartbeat port, which is 4120, by default.
    For details on this command, see Command-line basics.
  • Activate the agent through a deployment script. See Use deployment scripts to add and protect computers for details.
  • Activate the agent through an event-based task ("Computer Created (by System)" event) to automatically activate computers when they connect to the manager or when the manager syncs with an LDAP directory, cloud account, or vCenter. For more information, see Automatically perform tasks when a computer is added or changed.

Before activation, the agent or appliance will have one of these statuses:

  • No Agent /Appliance : Indicates one of the following situations:
    • No agent or appliance is running or listening on the default port.
    • An agent or appliance is installed and running but is working with another manager and communications are configured as agent/appliance-initiated. In this case, the agent or appliance is not listening for this manager. To correct this situation, deactivate the agent from the computer.
  • Activation Required: The agent or appliance is installed and listening, and is ready to be activated by the manager.
  • Reactivation Required: The agent or appliance is installed and listening and is waiting to be reactivated by the manager.
  • Deactivation Required: The agent or appliance is installed and listening, but has already been activated by another manager.
  • Unknown: The computer has been imported (as part of an imported Computers list) without state information, or has been added by way of an LDAP directory discovery process.

After a successful activation, the agent or appliance state is Online. If the activation failed, the computer status is Activation Failed with the reason for the failure in brackets. Click this link to display the system event for more details on the reason for the activation failure.

Although IPv6 traffic is supported by Deep Security 8.0 and earlier agents and appliances, it is blocked by default. To allow IPv6 traffic on Deep Security 8.0 Agents and Appliances, open a Computer or Policy editorClosedYou can change these settings for a policy or for a specific computer. To change the settings for a policy, go to the Polices page and double-click the policy that you want to edit (or select the policy and click Details). To change the settings for a computer, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). and go to Settings > Advanced > Advanced Network Engine Settings. Set the Block IPv6 for 8.0 and Above Agents and Appliances option to No.

Deactivate the agent

If you want to transfer control of a computer from one Deep Security Manager installation to another, you must deactivate the agent or appliance with its current manager, and then re-activate it with the new manager.

You can normally deactivate the agent or appliance from the Deep Security Manager that is currently managing the agent or appliance. If the Deep Security Manager cannot communicate with the agent or appliance, you may have to perform the deactivation manually. To run the commands below, you must have administrator privileges on the local machine.

To deactivate the agent on Windows:

  1. From a command line, change to the agent directory (Default is C:\Program Files\Trend Micro\Deep Security Agent)
  2. Run the following: dsa_control -r

To deactivate the agent on Linux:

  1. Run the following: /opt/ds_agent/dsa_control -r

Stop or start the agent

To start or stop the agent on Windows:

  • Stop: from the command line, run the following: sc stop ds_agent
  • Start: from the command line, run the following: sc start ds_agent

To start or stop the agent on Linux:

  • Stop: run the following: /etc/init.d/ds_agent stop
  • Start: run the following: /etc/init.d/ds_agent start

Stop or start the appliance

Stopping or starting the appliance can only be done locally on the host computer.

To start or stop the appliance on Linux:

  • Stop: run the following: /etc/init.d/ds_agent stop
  • Start: run the following: /etc/init.d/ds_agent start