Archived Deep Security Manager release notes

For release notes from this year, see What's new in Deep Security Manager?.

For release notes from the long-term support LTS release, Deep Security Manager 12.0 readme.

Deep Security Manager - 12.0 update 5

Release date: Dec 16, 2019

Build number: 12.0.383


Resolved issues

  • A "Newer version of Deep Security Manager is available" alert appeared despite there being none available. (DSSEG-4724)
  • The "Activity Overview" widget sometime displayed the incorrect database size. (DSSEG-4908)

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

  • Updated JRE to the latest Critical Patch Update (8.0.232). (DSSEG-4881)

Deep Security Manager - 12.0 update 4

Release date: November 28, 2019

Build number: 12.0.372

Resolved issues

  • Memory threshold alerts were raised despite the system having memory available. (DSSEG-4882)

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit (DSSEG-4822)

Deep Security Manager - 12.0 update 3

Release date: November 5, 2019

Build number: 12.0.366

New features

  • Added Oracle19c as a supported database. (DSSEG-4723)
  • Improved the diagnostic logging options for features related to AWS connectors. (DSSEG-4615)
  • Updated Deep Security Manager to allow signed agent installers to be exported from the Deep Security Manager or installed via deployment script. The file name of any signed agent installer with extension .rpm now starts with "Agent-PGPCore" instead of "Agent-Core". (DSSEG-4570)

Resolved issues

  • On Linux systems, the default maximum number of the concurrent opened files did not meet Deep Security Manager's needs, resulting the manager failing to acquire file handles. As a result, features in Deep Security Manager failed randomly and a "Too many open files" message appeared in logs. (DSSEG-4748/SEG-59895)
  • When a custom Anti-Evasion posture was selected in a parent policy (in the policy editor > Settings > Advanced > Network Engine Settings > Anti-Evasion Posture > select Custom), that setting did not appear in the child policies. ( DSSEG-4676/02434648/SEG-60410)
  • An incorrect log source identifier was sometimes sent for syslog events. (SF02422793/DSSEG-4665/SEG-59969 and SEG-60314)
  • In the computer or policy editor, under Anti-Malware > General > Real-Time Scan > Schedule > Edit, the Assigned To tab was sometimes empty, even when the schedule was assigned correctly to computers and policies. (SF02374723/DSSEG-4613/SEG-58761)
  • When an invalid or unresolvable SNMP server name was configured in Administration > System Settings > Event Forwarding > SNMP, it caused SIEM and SNS to also fail. (SF02339427/DSSEG-4554/SEG-57996)
  • Deep Security Manager showed many Internal Software Error system events when Events Retrieved and Agent/Appliance Error were not recorded in System Settings > System Events. (DSSEG-4433/SEG-39714)
  • When Deep Security Manager was deployed in an environment with a large number of hosts and protection rules, the manager would sometimes load data for all hosts, even if the user only requested data from some of the hosts. (SF02552257/SEG-62563/DSSEG-4812)
  • Gave the Deep Security Administrator the ability to hide unresolved recommendation scan results from the Intrusion Prevention, Integrity Monitoring and Log Inspection tab in the policy pages. To hide the unresolved recommendation scan results, use the following commands:

    Intrusion Prevention:

    dsm_c -action changesetting -name -value false

    Integrity Monitoring:

    dsm_c -action changesetting -name com.trendmicro.ds.integrity:settings.configuration.showUnresolvedRecommendationsInfoInPolicyPage -value false

    Log Inspection:

    dsm_c -action changesetting -name com.trendmicro.ds.loginspection:settings.configuration.showUnresolvedRecommendationsInfoInPolicyPage -value false


Deep Security Manager - 12.0 update 2

Release date: September 13, 2019

Build number: 12.0.347

New features

  • Added Oracle 18 as a supported database. (DSSEG-4494)
  • Previous version of Deep Security Manager used vCloud SDK 1.5, which supports VMware vCloud Director 9.0 or earlier. With this release, the manager now uses vCloud SDK 5.5, which supports VMware vCloud Director 9.5 or later. (DSSEG-4430)

Resolved issues

  • Every Deep Security Agent with the version greater than or equal to 12.0 now has a minimum required Deep Security Manager version. Any import of an incompatible agent whose minimum required version is less than the current manager version will be blocked. (DSSEG-4560)
  • Deep Security used an open source library called SIGAR that is no longer maintained or supported. This can cause applications to crash and other unintended issues in the future. Equivalent replacement must be found in the JRE included libraries and all usages of SIGAR should be refactored to use the identified equivalent. (SF02184158/DSSEG-4544/SEG-54629)
  • Deep Security Manager did not prevent the creation of incompatible Intrusion Prevention configurations. (DSSEG-4533)
  • Deep Security Manager failed to upgrade when the customer used Microsoft Azure SQL database with non-default collation. (SF02345050/DSSEG-4531/SEG-58319)
  • Inline synchronization for Amazon WorkSpaces sometimes did not work because Deep Security Manager used the availability zone as region name. (DSSEG-4514)
  • Using a local key secret containing the $ symbol stopped the upgrade or fresh install of Deep Security Manager. (SF02013831/DSSEG-4462/SEG-57243)
  • When generating the security module usage report, many of the hosts in the report do not show the correct cloud account associated with the host. (SF01802147/DSSEG-4442/SEG-46978)
  • Deep Security Agent sometimes went offline when duplicate virtual UUIDs were stored in the database. (SF01722554/DSSEG-4415/SEG-41425)
  • Reconnaissance alerts could not be disabled because the option was not available. (DSSEG-4388)
  • Selecting "Security updates only" as the update content for a relay group on Administration > Updates > Relay Management > Relay Group Properties did not work as expected. (DSSEG-4343)
  • The activation code which extended the expiration date license for a multi-tenant account could not be inputted for enabling multi-tenant function because Deep Security Manager did not check the license status online. (DSSEG-4332/02223786/SEG-55842)
  • Forwarding events "via Deep Security Manager" with SIEM event forwarding would not work if the Deep Security Manager hostname was not obtained through DNS resolution. (SF01992435/DSSEG-4099/SEG-50655)

Deep Security Manager - 12.0 update 1

Release date: August 9, 2019

Build number: 12.0.327

Resolved issues

  • New groups added to an AWS connector were not inheriting the existing permissions assigned to that connector. (SF01112604/SEG-35024/DSSEG-4205)
  • When a policy was created based on a relay-enabled agent, the policy contained the relay state. All agents that were assigned the policy automatically became relays. (DSSEG-3550)
  • Application Control events did not include a "Size" column. (DSSEG-4256)
  • In the Deep Security Manager, the entry for the Release Notes column is replaced from readme.txt to Release Notes. (DSSEG-4331)
  • In Deep Security Manager, some AWS EC2 hosts were left without matching cloud instance records when many hosts needed to be removed during an AWS cloud connector synchronization. (DSSEG-4317)
  • When Deep Security Manager was connected to both a case-sensitive Microsoft SQL database and VMware NSX, the Deep Security Manager upgrade readiness check would sometimes fail and block the upgrade. (SF02060051/DSSEG-4268/SEG-52044)
  • The latest kernel update for some Linux operating systems, including RHEL7 and Amazon Linux, made a change that causes failures during agent initiated communication heartbeats. (DSSEG-4315)
  • In Deep Security Manager, under Policies > Intrusion Prevention Rules > Application Types > (select DNS client) > Properties > General the Port setting would change to "Any" after any updates to the port list. (DSSEG-4370/SEG-55634)
  • Deep Security Manager logged a 'Disable all features' log at the INFO level with no indication of which features had been disabled. (DS-33927)
  • Anti-Malware Engine status would change to offline when the BIOS UUID of a VMware Virtual Machine was changed. (DS-36259)
  • After a large number of vMotion tasks were performed, the Deep Security Manager console sometimes showed duplicate virtual machines in a vCenter connector. (SEG-47565/DS-36331)

Security Updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit (SF02112629/SEG-53014/DSSEG-4097)

  • Upgraded Tomcat to 8.5.43. (DSSEG-4335)