Deep Security Agent platforms

Topics on this page:

See also Agent platform support policy.

Agent platform support table

Deep Security Manager 12.0 supports the Deep Security Agents on the operating systems shown in the table below. If platform support was added in an update release, the minimum update version is noted next to the check mark in the table.

Deep Security Manager supports the use of older agent versions, but we do encourage customers to upgrade agents regularly. New agent releases provide additional security features and protection, higher quality, performance improvements, and updates to stay in sync with releases from each platform vendor. Each agent has an end-of-life date. For details, see Deep Security LTS life cycle dates and Deep Security FR life cycle dates.

Not all Deep Security features are available on all platforms. See Supported features by platform.
The Deep Security Agent can be installed and is fully supported on various cloud, virtual, or physical environments, provided the operating system and kernel are supported.
Deep Security Agent Platform     Deep Security Agent Version
  12.0 11.3 11.2 11.1 11.0 10.0 9.6 9.0
Windows 2000, Service Pack 3 or 4 (32-bit) (See Note 5)             U17  
Windows XP (32- and 64-bit) (See Note 5)              
Windows Server 2003 SP1 or SP2 (32- and 64-bit) (See Note 5)              
Windows Server 2003 R2 SP2 (32- and 64-bit) (See Note 5)              
Windows 7 (32- and 64-bit) (See Note 5)    
Windows 7 Embedded (32-bit) (See Note 2 and Note 5)            
Windows Server 2008 (32- and 64-bit) (See Note 3 and Note 5)    
Windows Server 2008 R2 (64-bit) (See Note 3 and Note 5)    
Windows 8 (32- and 64-bit)    
Windows 8.1 (32- and 64-bit)    
Windows 8.1 Embedded (32-bit) (See Note 2)            
Windows 10 (32- and 64-bit) (See Note 1)    
Windows 10 IoT Enterprise 2019 LTSC (32- and 64-bit) (See Note 2)              
Windows 10 IoT Enterprise 2021 LTSC (64-bit) (See Note 2)              
Windows Server 2012 (64-bit) (See Note 3)    
Windows Server 2012 R2 (64-bit) (See Note 3)    
Windows Server 2016 (LTSC, version 1607) (64-bit)    
Windows Server Core (SAC, version 1709) (64-bit) (See Note 1)      
Windows Server 2019 (LTSC, version 1809) (64-bit)     U4 U16    
Red Hat Enterprise Linux 5 (32- and 64-bit)              
Red Hat Enterprise Linux 6 (32- and 64-bit)    
Red Hat Enterprise Linux 7 (64-bit)    
Red Hat Enterprise Linux 8 (64-bit)       U12      
Ubuntu 10.04 (64-bit)              
Ubuntu 12.04 (64-bit)              
Ubuntu 14.04 (64-bit)              
Ubuntu 16.04 (64-bit)    
Ubuntu 18.04 (64-bit)   U2      
Ubuntu 20.04 (64-bit) U10              
CentOS 5 (32- and 64-bit)              
CentOS 6 (32- and 64-bit)    
CentOS 7 (64-bit)    
CentOS 8 (64-bit) U3              
Debian 6 (64-bit)              
Debian 7 (64-bit)    
Debian 8 (64-bit) U1    
Debian 9 (64-bit)        
Debian 10 (64-bit) U1       U14      
Debian 11 (64-bit) U25              
Amazon Linux (64-bit)    
Amazon Linux 2 (64-bit) U8    
Oracle Linux 5 (32- and 64-bit)              
Oracle Linux 6 (32- and 64-bit)    
Oracle Linux 7 (64-bit)    
Oracle Linux 8 (64-bit) U2       U14      
SUSE Linux Enterprise Server 11 (32- and 64-bit)    
SUSE Linux Enterprise Server 12 (64-bit)    
SUSE Linux Enterprise Server 15 (64-bit)            
CloudLinux 5 (32- and 64-bit)              
CloudLinux 6 (32-bit)              
CloudLinux 6 (64-bit)         U6    
CloudLinux 7 (64-bit)    
CloudLinux 8 (64-bit) U12              
Solaris 10 Updates 4-6 (64-bit, SPARC or x86)       U6      
Solaris 10 Updates 7-10 (64-bit, SPARC or x86)       U6      
Solaris 10 Update 11 (64-bit, SPARC or x86)       U6    
Solaris 11.0 (1111)-11.1 (64-bit, SPARC or x86)       U6      
Solaris 11.2-11.3 (64-bit, SPARC or x86)       U6    
Solaris 11.4 (64-bit, SPARC or x86)       U7      
AIX 6.1 TL 9 (6100-09-00-0000)
AIX 7.1 TL 3 (7100-03-00-0000)
AIX 7.2 TL 0 (7200-00-00-0000)
See Note 4
U5            

Support for these releases is ending soon (see Deep Security release strategy and life cycle policy). Please upgrade to Deep Security Agent 12.0 as soon as possible.

If platform support was added in an update release, the minimum update version is noted next to the check mark in the table. Example: ✔ U1.

Note 1: Microsoft releases regular, semi-annual releases for Microsoft Windows 10 and Windows Server Core. For details about which specific releases are supported, see Deep Security Support for Windows 10 and Deep Security Support for Windows Server Core.

Note 2: All Trend Micro testing on Windows Embedded platforms is performed in a virtualized environment. Because these operating systems are typically run on custom hardware (for example, on point-of-sale terminals), customers must plan to thoroughly test on their target hardware platform prior to deployment in a production environment. In addition, before raising support cases, customers should attempt to reproduce problems in a virtualized environment because this is the environment the Trend Micro support team has available. If the issue is specific to deployments on custom hardware, Trend Micro may require the customer to provide us with remote access to a suitable environment before we can fully respond to support cases. Note that Windows 10 IoT was formerly named Windows 10 Embedded, and is therefore included in the list of Windows Embedded platforms.

Note 3: Deep Security Agent is supported with both Full/Desktop Experience and Server Core installations of Windows Server 2012 and later. For Windows Server 2008 and 2008 R2, only Full installations are supported.

Note 4: The following AIX configurations are supported:

  • AIX LPARs running on the PowerVM Hypervisor on Power Servers.
  • AIX running as the bare metal OS on Power Servers.

Deep Security Agent 12.0 for AIX is supported on both Power8 and Power9 processor-based systems.

Note 5: Microsoft has changed their signing policy to use only SHA-2. For information on compatibility and required Microsoft security updates, see:

Also, Windows XP is supported only with Deep Security Agent 10.0 Update 25 or earlier and it will not be supported with future updates. Windows 2003 is supported with Deep Security Agent 10.0 Update 25 or earlier. It is not supported with Updates 26, 27, and 28, but support will be reintroduced in Deep Security Agent 10.0 Update 29. For more information, see Deep Security Agent version 10 update 26 cannot be used for installation or upgrade on Windows XP/2003.

Docker support

You can use Deep Security 10.0 or later to protect Docker hosts and containers running on Linux distributions. Windows is not supported.

With each Deep Security long-term support (LTS) release, Deep Security supports all Docker Enterprise Edition (EE) versions that have not reached end-of-life. (See Announcing Docker Enterprise Edition.) We do not officially support Docker Edge releases, but strive to test against Docker Edge releases to the best of our ability.

Support for new stable Docker releases is introduced with each release of Deep Security. We recommend that you refrain from upgrading to the latest stable release of Docker until Trend Micro documents the support statements for the latest Deep Security release.

Deep Security Agent version Docker Docker CE Docker EE
v1.12 v1.13 17.03 17.09 17.12 18.03 18.06 18.09 17.06 18.03 18.06 18.09 19.03 20.10
10.0                        
11.0          
11.1                    
11.2                    
11.3                    
12.0            

Deep Security support for Docker releases includes any sub-versions of those releases. For example, Deep Security 11.0 supports Docker 17.09-ce including its sub-versions: 17.09.0-ce and 17.09.1-ce.

Before deploying Deep Security into your target environment, you should ensure that Docker supports your target environment and platform configuration.

Systemd support

Some versions of the Deep Security Agent for Linux support systemd. See the table below for details.

Deep Security Agent Platform Deep Security Agent Version
  12 LTS 11.3 11.2 11.1 11.0
Amazon Linux (64-bit)        
Amazon Linux 2 (64-bit)          
CloudLinux 6 (64-bit)          
CloudLinux 7 (64-bit)          
CloudLinux 8 (64-bit) U12        
Debian 8 (64-bit)          
Debian 9 (64-bit)          
Debian 10 (64-bit) U1       U14
Oracle Linux 6 (32- and 64-bit)          
Oracle Linux 7 (64-bit) U1       U13
Oracle Linux 8 (64-bit) U2       U14
Red Hat Enterprise Linux 6 (32- and 64-bit)          
Red Hat Enterprise Linux 7 (64-bit) U1       U13
Red Hat Enterprise Linux 8 (64-bit)       U12
SUSE Linux Enterprise Server 11 (32- and 64-bit)          
SUSE Linux Enterprise Server 12 (64-bit)          
SUSE Linux Enterprise Server 15 (64-bit)       U13
Ubuntu 16.04 (64-bit)          
Ubuntu 18.04 (64-bit)          
Ubuntu 20.04 (64-bit) U10        

If systemd support was added in an update release, the minimum update version is noted next to the check mark in the table. Example: ✔ U1.

Secure Boot support

Some versions of the Deep Security Agent support the Secure Boot feature. See the table below for details. For details on configuring the agent for Secure Boot, see Linux Secure Boot support for agents.

Secure Boot is not available for AWS instances and Azure VMs.

If you are protecting VMware virtual machines, Secure Boot is available for VMware vSphere 6.5 or newer.

  Deep Security Agent Version
Deep Security Agent Platform 12 LTS 11 LTS
Red Hat Enterprise Linux 7 (64-bit)
CentOS 7 (64-bit)