Upgrade the Deep Security Agent

Software upgrades can be initiated through Deep Security Manager or a third-party deployment system.

Upgrade all Deep Security Relays before you upgrade any Deep Security Agent. If you do not upgrade your relays first, software upgrades may fail. See also Upgrade the Deep Security Relay.

Upgrade when the computers are less busy.

In this topic:

Upgrade the agent starting from an alert

When a new agent software version is available, a message appears on Alerts.

  1. In the alert, click Show Details and then click View all out-of-date computers.
    Computers appears, displaying all computers where Software Update Status is Out-of-Date.
  2. Continue with Upgrade the agent from the Computers page or Upgrade the agent by running the installer manually.

Upgrade multiple agents at once

  1. In Deep Security Manager, go to Administration > Updates > Software.
  2. In the main pane, look under the Computers section to see whether any computers or virtual appliances are running agents for which upgrades are available. The check is only performed against software that has been imported into Deep Security, not against software available from the Download Center.
  3. Click Upgrade Agent / Appliance Software to upgrade all out-of-date computers.

Upgrade the agent from the Computers page

  1. In Deep Security Manager, go to Computers, and then:
    • Right-click the computer(s) that you want to upgrade, and select Actions > Upgrade Agent Software.


    • Select the computer(s) that you want to upgrade, click the Actions button near the top and select Upgrade Agent Software.


    • Double-click a computer that you want to upgrade and on the Computer details dialog box, click the Upgrade Agent button.

    You must upgrade your relays before your agents to prevent failures. Learn more. To identify a relay, look for the relay icon ().

  2. In the dialog box that appears, select the Agent Version. We recommend that you select the default Use the latest version for platform (X.Y.Z.NNNN). Click Next.

Upgrade the Linux agent on activation

If Deep Security Agent is installed on Linux, you can choose to automatically upgrade the agent to the newest software version that's compatible with Deep Security as a Service when the agent is activated or reactivated. For details, see Automatically upgrade agents on activation.

Upgrade the agent by running the installer manually

Sometimes you may not be able to upgrade the agent software from the Deep Security Manager because of connectivity restrictions, or you may prefer to deploy upgrades using a third-party system. If so, you can upgrade the agent software using an installer that you have copied to the computer.

Download the new agent software either from the Download Center, or by exporting it from the Deep Security Manager (see Get Deep Security Agent software). Then run the installer. Method varies by operating system.

Upgrade the agent on Windows

  1. Disable agent self-protection. To do this, on the Deep Security Manager, go to Computer editorTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). > Settings > General. In Agent Self Protection, and then either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override.
  2. Copy the agent installer to the computer.
  3. Run the agent installer. It will detect the previous agent and perform the upgrade.

Upgrade the agent on Linux

  1. Copy the agent installer to the computer.
  2. Run the following command:
    rpm -U <new agent installer rpm>

(The "-U" argument instructs the installer to perform an upgrade.)