Supported features by platform

The tables below list the features available for each OS platform of Deep Security Agent 11.3:

Microsoft Windows (11.3 agent)
Red Hat Enterprise Linux (11.3 agent)
CentOS Linux (11.3 agent)
Oracle Linux (11.3 agent)
SUSE Linux (11.3 agent)
Ubuntu Linux (11.3 agent)
Debian Linux (11.3 agent)
Cloud Linux (11.3 agent)
Amazon Linux (11.3 agent)
Deep Security Virtual Appliance (NSX) (with embedded 11.3 agent)

Older agents are compatible with other platforms (although they don't support new features on Deep Security Manager 11.3). See their Deep Security Agent platforms, Deep Security Agent release notes, and supported features lists:

Deep Security Agent 10.0 (and newer) supported features: In the drop-down menu above, select that version of Deep Security.
Deep Security Agent 9.6 Service Pack 1 supported features

Microsoft Windows (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Windows 7 32	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows 7 64	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔	✔		✔
Windows 7 Embedded 32 (³)	✔	✔	✔		✔	✔	✔	✔			✔	✔	✔	✔		✔
Windows Server 2008 32	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows Server 2008 64	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔	✔		✔
Windows Server 2008 R2 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔	✔	✔
Windows 8 32	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows 8 64	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔	✔		✔
Windows 8.1 32	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows 8.1 64	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔	✔
Windows 8.1 Embedded 32 (³)	✔	✔	✔		✔	✔	✔	✔			✔	✔	✔	✔		✔
Windows 10 32 (²)	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows 10 64 (²)	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔	✔		✔
Windows 10 Embedded 64 (³)	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔	✔
Windows Server 2012 64	✔	✔	✔		✔	✔	✔	✔	✔	✔	✔	✔	✔	✔		✔	✔		✔
Windows Server 2012 R2 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔	✔	✔
Windows Server Core 2012 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows Server Core 2012 R2 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows Server 2016 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔	✔	✔
Windows Server 2016 1709 (RS3) 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows Server 2016 1803 (RS4) 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔		✔
Windows Server 2019 1809 64	✔	✔	✔		✔	✔	✔	✔	✔ (¹)	✔	✔	✔	✔	✔	✔	✔	✔		✔

Red Hat Enterprise Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Red Hat Enterprise Linux 6 32	✔ (⁴)		✔			✔	✔	✔		✔	✔		✔	✔		✔
Red Hat Enterprise Linux 6 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔	✔
Red Hat Enterprise Linux 7 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔	✔	✔

CentOS Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
CentOS 6 32	✔(⁴)		✔			✔	✔	✔		✔	✔		✔	✔		✔
CentOS 6 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔
CentOS 7 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔		✔

Oracle Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Oracle Linux 6 32			✔			✔	✔	✔		✔	✔		✔	✔		✔
Oracle Linux 6 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔
Oracle Linux 7 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔

SUSE Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
SUSE Linux Enterprise Server 11 32	✔(⁴)		✔			✔	✔	✔		✔	✔		✔	✔		✔
SUSE Linux Enterprise Server 11 64	✔(⁴)		✔		✔	✔	✔	✔		✔	✔		✔	✔		✔	✔	✔
SUSE Linux Enterprise Server 12 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔	✔

Ubuntu Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Ubuntu 16.04.1 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔
Ubuntu 18.04 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔

Debian Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Debian 7 64			✔		✔	✔	✔	✔			✔		✔	✔		✔	✔
Debian 8 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔
Debian 9 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔

Cloud Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Cloud Linux 7 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔

Amazon Linux (11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File and Directory Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Amazon Linux 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔
Amazon Linux 2 64	✔(⁴)		✔		✔	✔	✔	✔	✔ (¹)	✔	✔		✔	✔	✔	✔	✔

Deep Security Virtual Appliance (NSX) (with embedded 11.3 agent)

	Anti-Malware				Web Reputation Service	Firewall	Intrusion Prevention System		Integrity Monitoring					Log Inspection	Application Control	Recommen- dation Scan	Relay	Scanner	FIPS mode
	Real-time		On-demand						Real-time		On-demand
	Feature set 1	Feature set 2	Feature set 1	Feature set 2			Unencrypted Traffic	SSL Encrypted Traffic	File and Directory Scans	Scans of Running Services, Processes, Listening Ports	File Scans	Registry Scans	Scans of Running Services, Processes, Listening Ports
Windows 7 32	✔		✔		✔	✔	✔				✔					✔			N/A
Windows 7 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2008 32	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2008 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2008 R2 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows 8 32	✔		✔		✔	✔	✔				✔					✔			N/A
Windows 8 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows 8.1 32	✔		✔		✔	✔	✔				✔					✔			N/A
Windows 8.1 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2012 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2012 R2 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows 10 32 (²)	✔		✔		✔	✔	✔				✔					✔			N/A
Windows 10 64 (²)	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2016 1709 (RS3) 64 (with NSX 6.3.3)	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2016 1803 (RS4) 64	✔		✔		✔	✔	✔				✔					✔			N/A
Windows Server 2019 1809 64	✔		✔		✔	✔	✔				✔					✔			N/A
Red Hat Enterprise Linux 5 32					✔	✔	✔												N/A
Red Hat Enterprise Linux 5 64					✔	✔	✔												N/A
Red Hat Enterprise Linux 6 32					✔	✔	✔												N/A
Red Hat Enterprise Linux 6 64					✔	✔	✔												N/A
Red Hat Enterprise Linux 7 64					✔	✔	✔												N/A
CentOS 5 32					✔	✔	✔												N/A
CentOS 5 64					✔	✔	✔												N/A
CentOS 6 32					✔	✔	✔												N/A
CentOS 6 64					✔	✔	✔												N/A
CentOS 7 64					✔	✔	✔												N/A
Oracle Linux 6 32					✔	✔	✔												N/A
Oracle Linux 6 64					✔	✔	✔												N/A
Oracle Linux 7 64					✔	✔	✔												N/A
SUSE Linux Enterprise Server 10 SP4 32					✔	✔	✔												N/A
SUSE Linux Enterprise Server 10 SP4 64					✔	✔	✔												N/A
SUSE Linux Enterprise Server 11 SP4 32					✔	✔	✔												N/A
SUSE Linux Enterprise Server 11 SP4 64					✔	✔	✔												N/A
SUSE Linux Enterprise Server 12 SP3 64					✔	✔	✔												N/A
Ubuntu 14.04 LTS 64					✔	✔	✔												N/A
Ubuntu 16.04 LTS 64					✔	✔	✔												N/A
Ubuntu 18.04 LTS 64					✔	✔	✔												N/A
Debian 8 64					✔	✔	✔												N/A
Debian 9 64					✔	✔	✔												N/A

Feature set 1 includes signature-based file scanning, spyware scanning, and document exploit protection.

Feature set 2 includes behavior monitoring, process memory scanning, and registry scanning.

(¹) This platform supports enhanced real-time integrity monitoring. It uses the application control driver to provide file monitoring and captures information about who made changes to a monitored file.

(²) Microsoft releases regular, semi-annual releases for Microsoft Windows 10. For details about which specific releases are supported, see Deep Security Support for Windows 10.

(³) All Trend Micro testing on Windows Embedded platforms is performed in a virtualized environment. Because these operating systems are typically run on custom hardware (for example, on point-of-sale terminals), customers must plan to thoroughly test on their target hardware platform prior to deployment in a production environment. In addition, before raising support cases, customers should attempt to reproduce problems in a virtualized environment because this is the environment the Trend Micro support team has available. If the issue is specific to deployments on custom hardware, Trend Micro may require the customer to provide us with remote access to a suitable environment before we can fully respond to support cases.

(⁴) Real-time Anti-Malware support on Linux: Real-time Anti-Malware scanning is highly dependent on the file system hooking implementation, so file system incompatibility can cause issues with this feature. The following table shows which file systems are compatible with the feature:

File system type		Deep Security Agent version
File system type		11.3	11.2	11.1	11.0	10.3	10.2	10.1	10.0	9.6
Disk file systems	ext2	✔	✔	✔	✔	✔	✔	✔	✔	✔
	ext3	✔	✔	✔	✔	✔	✔	✔	✔	✔
	ext4	✔	✔	✔	✔	✔	✔	✔	✔	✔
	XFS	✔	✔	✔	✔	✔	✔	✔	✔	✔
	Btrfs	✔	✔	✔	✔	✔	✔	✔	✔	✔
	VFAT	✔	✔	✔	✔	✔	✔	✔	✔	✔
Optical discs	ISO 9660	✔	✔	✔	✔	✔	✔	✔	✔	✔
Special file systems	tmpfs	✔	✔	✔	✔	✔	✔	✔	✔	✔
	aufs	✔	✔	✔	✔	✔	✔	✔	✔
	OverlayFS	✔	✔	✔	✔	✔	✔	✔	✔	✔
Network file systems (see Note, below)	NFSv3	✔	✔	✔	✔	✔	✔	✔	✔	✔
	NFSv4	✔	✔	✔	✔	✔	✔	✔	✔	✔
	SMB	✔	✔	✔	✔	✔	✔	✔	✔	✔
	CIFS	✔	✔	✔	✔	✔	✔	✔	✔	✔
	FTP	✔	✔	✔	✔	✔	✔	✔	✔	✔

To protect network file systems, you must select Enable network directory scan in the malware scan configuration. For information, see Scan a network directory (real-time scan only).