Deep Security Manager settings properties file

You can watch Deep Security 12 - Linux - Silent Install on YouTube to review the silent installation process of the Deep Security Manager on a Red Hat 7 server.

The settings properties file can be used in a command-line installation (silent Install) of the Deep Security Manager. (See Silent Install of Deep Security Manager.)

The format of each entry in the settings property file is:

<Screen Name>.<Property Name>=<Property Value>

The settings properties file has required and optional values.

If you enter an invalid value for optional properties, the installer will use the default value instead.

Required Settings

LicenseScreen

Property	Possible Values	Default Value
LicenseScreen.License.-1	<activation code for all modules>	<none>

Property	Possible Values	Default Value
LicenseScreen.License.0	<activation code for Anti-Malware>	<none>
LicenseScreen.License.1	<activation code for Firewall/DPI>	<none>
LicenseScreen.License.2	<activation code for Integrity Monitoring>	<none>
LicenseScreen.License.3	<activation code for Log Inspection>	<none>

CredentialsScreen

Property	Possible Values	Default Value
CredentialsScreen.Administrator.Username	<username for the master administrator>	<none>
CredentialsScreen.Administrator.Password	<password for the master administrator>	<none>

Optional Settings

LanguageScreen

Property	Possible Values	Default Value	Notes
sys.languageId	en_US ja	en_US	"en_US" indicates English. "ja" indicates Japanese.

UpgradeVerificationScreen

This screen determines what happens if an existing installation is detected.

This setting is not referenced unless an existing installation is detected.

Property	Possible Values	Default Value
UpgradeVerificationScreen.Overwrite	True False	False

A True value results in a fresh install with all data in the existing database being discarded. A False value provides the option to repair the existing installation.

If you set this value to True, it will overwrite any existing data in the database. It will do this without any further prompts.

OldDataMigrationScreen

This screen defines the number of days of data to keep. When this setting is 0, all historical data will be kept, but this may increase the amount of time the upgrade will take. During the data migration, the silent install will show the percentage of records migrated at 10% intervals.

This setting is not referenced unless an existing installation is detected and it requires a data migration to upgrade the database schema.

Property	Possible Values	Default Value
OldDataMigrationScreen.HistoricalDays	<integer>	0

DatabaseScreen

This screen defines the database type and optionally the parameters needed to access certain database types.

In the interactive install, you can click Advanced to define the instance name and domain of a Microsoft SQL server. This appears in a dialog. Because the unattended install does not support dialogs, these arguments are included in the DatabaseScreen settings below.

Property	Possible Values	Default Value	Notes
DatabaseScreen.DatabaseType	Microsoft SQL Server Oracle PostgreSQL	Microsoft SQL Server	None
DatabaseScreen.Hostname	<database hostname or IP address> Current host name	Current host name	None You can specify the port in this entry using the format <hostname>:<port>. Example: example:123
DatabaseScreen.DatabaseName	<string>	dsm
DatabaseScreen.Transport	Named Pipes TCP	Named Pipes	Required for SQL Server only
DatabaseScreen.Username	<database username>	<none>	Username used by the manager to authenticate to the database server. Must match an existing database account. Note that the Deep Security Manager database permissions will correspond to this user's permissions. For example, if you choose a database account with read-only privileges, the Deep Security Manager will not be able to write to the database. Mandatory for Microsoft SQL Server and Oracle.
DatabaseScreen.Password	<database password>	<none>	Password used by the manager to authenticate to the database server. Mandatory for Microsoft SQL Server and Oracle.
DatabaseScreen.SQLServer.Instance	<string>	<none>	Used only with Microsoft SQL Server, which supports multiple instances on a single server or processor. Only one instance can be the default instance and any others are named instances. If the Deep Security Manager database instance is not the default, enter the name of the instance here. The value must match an existing instance or be left blank to indicate the default instance.
DatabaseScreen.SQLServer.Domain	<string>	<none>	Used only with Microsoft SQL Server. This is the Windows domain used when authenticating to the SQL Server. The DatabaseScreen.Username and DatabaseScreen.Password described above are only valid within the appropriate domain.
DatabaseScreen.SQLServer.UseDefaultCollation	True False	False	Used only with Microsoft SQL Server. Collation determines how strings are sorted and compared. If the value is "False", Deep Security will use Latin1_General_CS_AS for collation on text-type columns. If the value is "True", Deep Security will use the collation method specified by your SQL Server database. For additional information on collation, refer to your SQL Server documentation.

AddressAndPortsScreen

This screen defines the hostname, URL, or IP address of this computer and defines port numbers for the manager. In the interactive installer, this screen also supports connecting a new manager node to an existing database, but this option is not supported in the unattended install.

Property	Possible Values	Default Value	Notes
AddressAndPortsScreen.ManagerAddress	<manager hostname, URL or IP address>	<current host name>	None
AddressAndPortsScreen.ManagerPort	<port number>	4119	See Port numbers, URLs, and IP addresses.
AddressAndPortsScreen.HeartbeatPort	<port number>	4120	See Port numbers, URLs, and IP addresses.
AddressAndPortsScreen.NewNode	True False	False	`True` indicates that the current install is a new node. If the installer finds existing data in the database, it will add this installation as a new node. (Multi-node setup is always a silent install.) Note: The "New Node" installation information about the existing database to be provided via the DatabaseScreen properties.

CredentialsScreen

Property	Possible Values	Default Value	Notes
CredentialsScreen.UseStrongPasswords	True False	False	`True` causes Deep Security Manager to enforce strong passwords.

MasterKeyConfigurationScreen

Property	Possible Values	Default Value	Notes
MasterKeyConfigurationScreen.KeyConfigType	Do not configure Local Key KMS	Do not configure	If configured, the installer will use KMS or the local key secret to generate a custom master key. If not configured, a hard-coded seed is used instead. See also masterkey. Instead, you must run masterkey commands after the installer.
MasterKeyConfigurationScreen.ARN	<AWS ARN>	<none>	The Amazon Resource Name (ARN) of the KMS key. Only used if MasterKeyConfigurationScreen.KeyConfigType is KMS.
MasterKeyConfigurationScreen.LocalKey	<string>	<none>	The value that you want to use when the installer configures the local environment variable LOCAL_KEY_SECRET. Only used if MasterKeyConfigurationScreen.KeyConfigType is Local Key.

SecurityUpdateScreen

Property	Possible Values	Default Value	Notes
SecurityUpdateScreen.UpdateComponents	True False	True	True will tell the Deep Security Manager to create a scheduled task to automatically check for security updates. The scheduled task will run when installation is complete.
SecurityUpdateScreen.Proxy	True False	False	True will cause Deep Security Manager to use a proxy to connect to the Internet to download security updates from Trend Micro.
SecurityUpdateScreen.ProxyType	HTTP SOCKS4 SOCKS5	<none>	The protocol used by the proxy.
SecurityUpdateScreen.ProxyAddress	<valid IPv4 or IPv6 address or hostname>	<none>	None
SecurityUpdateScreen.ProxyPort	<proxy port>	<none>	See Port numbers, URLs, and IP addresses.
SecurityUpdateScreen.ProxyAuthentication	True False	False	True indicates that the proxy requires authentication credentials.
SecurityUpdateScreen.ProxyUsername	<string>	<none>	None
SecurityUpdateScreen.ProxyPassword	<string>	<none>	None

SoftwareUpdateScreen

Property	Possible Values	Default Value	Notes
SoftwareUpdateScreen.UpdateSoftware	True False	True	True will tell Deep Security Manager to create a scheduled task to automatically check for software updates. The scheduled task will run when installation is complete.
SoftwareUpdateScreen.Proxy	True False	False	True will cause Deep Security Manager to use a proxy to connect to the Internet to download software updates from Trend Micro.
SoftwareUpdateScreen.ProxyType	HTTP SOCKS4 SOCKS5	<none>	The protocol used by the proxy.
SoftwareUpdateScreen.ProxyAddress	<valid IPv4 or IPv6 address or hostname>	<none>	None.
SoftwareUpdateScreen.ProxyPort	<integer>	<none>	See Port numbers, URLs, and IP addresses.
SoftwareUpdateScreen.ProxyAuthentication	True False	False	True indicates that the proxy requires authentication credentials.
SoftwareUpdateScreen.ProxyUsername	<string>	<none>	None
SoftwareUpdateScreen.ProxyPassword	<string>	<none>	None

SmartProtectionNetworkScreen

This screen defines whether you want to enable Trend Micro Smart Feedback and optionally your industry.

Property	Possible Values	Default Value	Notes
SmartProtectionNetworkScreen.EnableFeedback	True False	False	True enables Trend Micro Smart Feedback.
SmartProtectionNetworkScreen.IndustryType	Not specified Banking Communications and media Education Energy Fast-moving consumer goods (FMCG) Financial Food and beverage Government Healthcare Insurance Manufacturing Materials Media Oil and gas Real estate Retail Technology Telecommunications Transportation Utilities Other	<none>	If a value is not entered, it has the same result as `Not specified`.

RelayScreen

This screen defines whether you want to install the Deep Security Relay on the same computer as Deep Security Manager.

Property	Possible Values	Default Value	Notes
RelayScreen.Install	True False	False	True installs the Deep Security Relay on the Deep Security Manager computer. False does not install the Deep Security Relay on the Deep Security Manager (silent install), or shows a screen asking you whether you want to install the relay (regular install).

Property

Possible Values

Default Value

Notes

RelayScreen.Install

True
False

False

True installs the Deep Security Relay on the Deep Security Manager computer.

False does not install the Deep Security Relay on the Deep Security Manager (silent install), or shows a screen asking you whether you want to install the relay (regular install).

Sample properties file

The following is example content of a typical properties file.

AddressAndPortsScreen.ManagerAddress=10.xxx.xxx.xxx
AddressAndPortsScreen.NewNode=True
UpgradeVerificationScreen.Overwrite=False
LicenseScreen.License.-1=XY-ABCD-ABCDE-ABCDE-ABCDE-ABCDE-ABCDE
OldDataMigrationScreen.HistoricalDays=30
DatabaseScreen.DatabaseType=Microsoft SQL Server
DatabaseScreen.Hostname=10.xxx.xxx.xxx
DatabaseScreen.Transport=TCP
DatabaseScreen.DatabaseName=XE
DatabaseScreen.Username=DSM
DatabaseScreen.Password=xxxxxxx
AddressAndPortsScreen.ManagerPort=4119
AddressAndPortsScreen.HeartbeatPort=4120
CredentialsScreen.Administrator.Username=masteradmin
CredentialsScreen.Administrator.Password=xxxxxxxx
CredentialsScreen.UseStrongPasswords=False
SecurityUpdateScreen.UpdateComponents=True
SecurityUpdateScreen.Proxy=False
SecurityUpdateScreen.ProxyType=
SecurityUpdateScreen.ProxyAddress=
SecurityUpdateScreen.ProxyPort=
SecurityUpdateScreen.ProxyAuthentication=False
SecurityUpdateScreen.ProxyUsername=
SecurityUpdateScreen.ProxyPassword=
SoftwareUpdateScreen.UpdateSoftware=True
SoftwareUpdateScreen.Proxy=False
SoftwareUpdateScreen.ProxyType=
SoftwareUpdateScreen.ProxyAddress=
SoftwareUpdateScreen.ProxyPort=
SoftwareUpdateScreen.ProxyAuthentication=False
SoftwareUpdateScreen.ProxyUsername=
SoftwareUpdateScreen.ProxyPassword=
RelayScreen.Install=True
SmartProtectionNetworkScreen.EnableFeedback=False

Installation Output

The following is a sample output from a successful install, followed by an example output from a failed install (invalid license). The [Error] tag in the trace indicates a failure.

Successful install

Stopping Trend Micro Deep Security Manager Service...
Checking for previous versions of Trend Micro Deep Security Manager...
Upgrade Verification Screen settings accepted...
The installation directory has been set to C:\Program Files\Trend Micro\Deep Security Manager.
Database Screen settings accepted...
License Screen settings accepted...
Address And Ports Screen settings accepted...
Credentials Screen settings accepted...
Security Update Screen settings accepted...
Software Update Screen settings accepted...
Smart Protection Network Screen settings accepted...
All settings accepted, ready to execute...
Extracting files ...
Setting Up...
Connecting to the Database...
Creating the Database Schema...
Creating MasterAdmin Account...
Recording Settings...
Creating Temporary Directory...
Installing Reports...
Installing Modules and Plug-ins...
Creating Help System...
Validating and Applying Activation Codes...
Configure Localizable Settings...
Setting Default Password Policy...
Creating Scheduled Tasks...
Creating Asset Importance Entries...
Creating Auditor Role...
Optimizing...
Importing Software Packages...
Configuring Relay For Install...
Importing Performance Profiles...
Recording Installation...
Clearing Sessions...
Creating Properties File...
Creating Shortcut...
Configuring SSL...
Configuring Service...
Configuring Java Security...
Configuring Java Logging...
Cleaning Up...
Starting Deep Security Manager...
Finishing installation ...

Failed install

This example shows the output generated when the properties file contains an invalid license string:

Stopping Trend Micro Deep Security Manager Service...
Detecting previous versions of Trend Micro Deep Security Manager...
Upgrade Verification Screen settings accepted...
Database Screen settings accepted...
Database Options Screen settings accepted...
[ERROR] The license code you have entered is invalid.
[ERROR] License Screen settings rejected...
Rolling back changes...