To ensure maximum protection, upgrade your software, security rules and malware patterns when updates are available. Upgrade types include:
- Software upgrades: A package of new software such as the Deep Security
Manager,Agent and Relay. See Upgrade the Deep Security Manager AMIand Upgrade the Deep Security Agent, and Upgrade the Deep Security Relay.
- Security update: An update to the security rules and malware patterns that Deep Security uses to identify potential threats. See Get and distribute security updates.
Relays distribute both software updates and security updates to your agents. Software updates (but not security updates) can alternatively be distributed by a local mirror web server.
All Deep Security Relays must be upgraded before upgrading the Deep Security Agent. If you do not upgrade your relays first, software upgrades may fail. See Upgrade the Deep Security Relay for details.
In this topic:
All security updates are verified for integrity by Deep Security using methods that include digital signatures and checksums (hashes) as well as other, non-disclosed methods. Software updates are digitally signed.
If you want to manually validate signatures or the checksums available on the Download Center, you can also use a tool such as:
- sha256sum (Linux)
- Checksum Calculator (Windows)
- jarsigner (Java Development Kit (JDK))
For example, you could enter this command to verify a download's signature:
jarsigner -verify <filename>.zip
Deep Security Manager periodically connects to Trend Micro update servers to check for updates to software
- Deep Security Agent
- Deep Security Manager
The check is made against the local inventory, not against what is available on the Download Center. (There is a separate alert for new software on the Download Center.)
For example, if you have agent version 9.6.100, and Trend Micro releases agent version 9.6.200, an alert will tell you that software updates are available. However, if Trend Micro then releases agent version 10.0.xxx (a major version difference) and you don't have any 10.0 agents in the database, no alert will appear (even though 10.0is newer than 9.6.100).
When imported, software is stored in the Deep Security Manager database. Imported software is periodically replicated to relay-enabled agents.