Upgrade Deep Security AMI from AWS Marketplace manually

Before you upgrade, verify that:

  • Deep Security stores data in an external database (embedded databases cannot be upgraded)
  • Backups for the database exist
  • Deep Security Manager is installed on a computer behind an Elastic Load Balancer (ELB) or it can be accessed by Elastic IP
  1. Stop all existing Deep Security Manager instances by right-clicking on the instance from the AWS console and selecting Instance State > Stop.
  2. Deploy a new instance of Deep Security Manager using the latest version from the AWS Marketplace.
  3. When the instance is running, go to https://ip:8080, enter the Instance ID, and click Sign In.
  4. Read and accept the terms of the license agreement on the License Agreement tab and click Next.
  5. Enter the configuration parameters of your existing Deep Security database on the Database tab, select the check box This Deep Security Manager installation is an upgrade for an already-deployed Deep Security installation, and click Next.
  6. Click Upgrade on the Previous Version Check tab and click Next.
  7. Enter the hostname or IP address of the computer where Deep Security Manager is being installed on the Address and Ports tab and click Next.
  8. The Manager Address must be either a resolvable hostname, a fully qualified domain name, or an IP address. If DNS is not available in your environment or if some computers are unable to use DNS, a fixed IP address should be used instead of a hostname. You can also change the default port numbers.

  9. Click Next on the Credentials tab.
  10. The existing credentials will stay the same.

  11. Review the installation settings on the Review Settings tab to ensure that they are correct and then click Install.
  12. The Deep Security Status page will show that the Deep Security Manager is being installed. When the installation is complete, Deep Security Manager will be displayed.

  13. Log in to Deep Security Manager and delete the computer records for any old Deep Security Manager installations by clicking the Computers tab, selecting the record, and clicking Delete on the toolbar.
  14. Delete old manager nodes by going to the Administration tab in Deep Security Manager, selecting Manager Nodes in the left-hand navigation menu, opening the Properties dialog for each old manager node (Status: "Offline (Upgrade Required)"), and clicking Decommission.
  15. Double click on the newly added Deep Security Manager Computer Object and ensure it is Activated and has the correct policy assigned.
  16. Delete your old Deep Security Manager instances by right-clicking on the instance from the AWS console and choosing Instance State > Terminate.

Please contact aws.marketplace@trendmicro.com if you have any questions or encounter any issues.