Deploy Deep Security Relay

A Deep Security Relay is an agent that is configured to redistribute Deep Security software and security updates to other agents and virtual appliances. This helps your deployment scale.

You need at least one relay in your environment, and it might already be installed if you co-deployed it with Deep Security Manager. To check:

  1. Log in to Deep Security Manager.
  2. Click Administration at the top.
  3. Click Relay Management on the left navigation pane.
  4. If you see a relay icon () in the main pane, a relay is already deployed.

To deploy your first relay:

  1. Make sure the relay computer meets the requirements. See Deep Security Agent sizing and resource consumption and Deep Security Relay requirements.
  2. Make sure you allow inbound and outbound communication to and from the relay on the appropriate port numbers. See Deep Security port numbers.
  3. If the relay must connect through a proxy, see Connect to the Primary Security Update Source via proxy.
  4. Deploy an agent on the chosen computer. See Get Deep Security Agent software and Install the agent.
  5. Enable the agent as a relay:
    1. Log in to Deep Security Manager.
    2. Click Administration at the top.
    3. Click Relay Management in the left navigation pane.
    4. If you are using Linux, before enabling the relay, create a user nobody and a relay group nogroup.
    5. Select the relay group into which the relay will be placed. If a relay group does not exist, create one. If you are using Linux, create a user nobody and a relay group nogroup.
    6. Click Add Relay.
    7. In Available Computers, select the agent you just deployed.
    8. Click Enable Relay and Add to Group.

    The agent is enabled as a relay and is displayed with a relay icon ().

Trend Micro recommends using more than one relay. This can be set up after you get your basic Deep Security deployment running. For details, see Deploy additional relays.