What's new?

Deep Security 11.2

Below are major changes in the feature release Deep Security 11.2. For the support life cycle, see Feature releases. For a detailed change log, see the Deep Security release notes.

  • Inactive agent cleanup: The new inactive agent cleanup feature can automatically remove computers that have been inactive for a specified period of time. This can be useful if your Deep Security deployment has a large number of offline computers that are not in a cloud account. For details, see Automate offline computer removal with inactive agent cleanup.
  • Automatic Anti-Malware engine update: Malware is constantly evolving, so the Anti-Malware engine that Deep Security uses must be updated regularly. Previously, to update the Anti-Malware engine, you were required to upgrade the Deep Security Agent, sometimes resulting in a reboot of the computer. With this release, you can update the Anti-Malware engine separately from the Deep Security Agent. You can set this update to happen automatically, which keeps your Anti-Malware engine updated without manual intervention and without rebooting the system. For details, see Get and distribute security updates.
  • Agent for Ubuntu 18.04: Deep Security Agent 11.2 supports Ubuntu 18.04. For details, see Supported features by platform.
  • Integrity Monitoring - improvements to real-time scans: Real-time file integrity monitoring on Linux and Windows server platforms is now provided using the Application Control engine. The updated file monitoring engine captures information about who made changes to a monitored file. This feature is supported with Deep Security Agent 11.1 or later on Linux and with Deep Security Agent 11.2 or later on Windows server platforms. For details about which platforms support this feature, see Supported features by platform.
  • New database support: You can now use SQL Server 2017 or PostgreSQL 10.x as your Deep Security Manager database. For details, see System requirements.
  • Improved container traffic scanning: With Deep Security Agent 11.1 and earlier, the Firewall and Intrusion Prevention modules inspect traffic that passes through the host computer's network interface to containers. With Deep Security Agent 11.2 or later, those modules can also inspect traffic between containers. For information on how to enable this feature, see Set up intrusion prevention and Set up the Deep Security firewall.
  • Signed installer packages: The installers for the Deep Security Manager, Deep Security Agent, and Deep Security Notifier are digitally signed. See Check digital signatures on software packages.

The Deep Security Agent for AIX and Solaris have not been tested for use with this feature release. The AIX and Solaris platforms continue to be fully supported using Deep Security Manager 11.0 and will continue to be supported in the next major release (Deep Security 12.0). If you have AIX and/or Solaris platforms in your deployment, please continue to use Deep Security Manager 11.0.