Linux Secure Boot support

Some versions of Deep Security Agent(DSA) for Linux support Secure Boot. See also Configure Linux Secure Boot for agents.

In DSA 20 LTS, each Linux operating system is associated with corresponding Secure Boot public keys, such as DS20.der, DS20_V2.der, and so on. These keys have different expiration dates. For more information, see Update the Trend Micro public key - The public key has expired in Configure Linux Secure Boot for agents.

Deep Security Agent 20 LTS

The following table lists Linux operating systems on which DSA 20 LTS provides support for Secure Boot.

AWS, GCP, VMware, Oracle Cloud, and physical machines are supported on all operating systems included in the table. The Azure support is currently limited to select operating systems.

Operating System	Secure Boot public key	Required DSA build	Supported on Azure VM? 1	Supported on Azure VM in private preview? 1
AlmaLinux 9 (64-bit)	DS2022.der	20.0.0-6912 (20 LTS Update 2023-05-02) or later		✔
CentOS 7 (64-bit)	DS20.der
CentOS 8 (64-bit)	DS20.der
Debian Linux 10 (64-bit)	DS20.der
Debian Linux 11 (64-bit)	DS2022.der		✔
Debian Linux 12 (64-bit)	DS2022.der	20.0.0-8438 (20 LTS Update 2023-12-12) or later		✔
Miracle Linux 9 (64-bit)	DS2022.der	20.0.0-8137 (20 LTS Update 2023-10-26) or later for Red Hat Enterprise Linux 9
Oracle Linux 7 (64-bit)	DS20_V2.der	20.0.0-3165 (20 LTS Update 2021-10-08) or later
Oracle Linux 8 (64-bit)	DS20_V2.der	20.0.0-3288 (20 LTS Update 2021-10-28) or later		✔
Oracle Linux 9 (64-bit)	DS2022.der		✔
Red Hat Enterprise Linux 7 (64-bit)	DS20.der
Red Hat Enterprise Linux 8 (64-bit)	DS20.der	✔
Red Hat Enterprise Linux 9 (64-bit)	DS2022.der	✔
Red Hat Enterprise Linux Workstation 7 (64-bit)	DS20.der	20.0.0-6912 (20 LTS Update 2023-05-02) or later
Rocky Linux 9 (64-bit)	DS2022.der	20.0.0-6313 (20 LTS Update 2023-01-31) or later
SUSE Linux Enterprise Server 12 (64-bit)	DS20.der
SUSE Linux Enterprise Server 15 (64-bit)	DS20.der, DS20_V2.der		✔
Ubuntu 16.04 (64-bit)	DS20.der
Ubuntu 18.04 (64-bit)	DS20.der		✔
Ubuntu 20.04 (64-bit)	DS20.der		✔
Ubuntu 22.04 (64-bit)	DS2022.der	20.0.0-6658 (20 LTS Update 2023-03-22) or later		✔
Ubuntu 24.04 (64-bit)	DS2022.der	20.0.1-19250 (20 LTS Update 2024-09-18) or later

Deep Security Agent 12 FR

The following table lists Linux operating systems on which DSA 12 FR provides support for Secure Boot.

VMware and physical machines are supported on all operating systems included in the table, whereas AWS, GCP, Oracle Cloud, and Azure are not supported. See also Secure Boot support.

Operating System
CentOS 7 (64-bit)
CentOS 8 (64-bit)
Debian Linux 10 (64-bit)
Red Hat Enterprise Linux 7 (64-bit)
Red Hat Enterprise Linux 8 (64-bit)
SUSE Linux Enterprise Server 12 (64-bit)
SUSE Linux Enterprise Server 15 (64-bit)
Ubuntu 16.04 (64-bit)
Ubuntu 18.04 (64-bit)

Note that the information about the public keys and required DSA build is not applicable to this DSA release.

Deep Security Agent 12 LTS

The following table lists Linux operating systems on which DSA 12 LTS provides support for Secure Boot.

VMware and physical machines are supported on all operating systems included in the table, whereas AWS, GCP, Oracle Cloud, and Azure are not supported. See also Secure Boot support.

Operating System	Secure Boot public key
CentOS 7 (64-bit)	DS12.der
Red Hat Enterprise Linux 7 (64-bit)	DS12.der

Note that the information about the required DSA build is not applicable.

Deep Security Agent 11 LTS

The following table lists Linux operating systems on which DSA 11 LTS provides support for Secure Boot.

VMware and physical machines are supported on all operating systems included in the table, whereas AWS, GCP, Oracle Cloud, and Azure are not supported. See also Secure Boot support.

Operating System	Secure Boot public key
CentOS 7 (64-bit)	DS11_2022.der
Red Hat Enterprise Linux 7 (64-bit)	DS11_2022.der

Note that the information about the required DSA build is not applicable.

Footnotes:

For details, see Trusted Launch for Azure virtual machines - Operating systems supported