Deep Security Notifier

The Deep Security Notifier is a Windows System Tray application that communicates the state of the Deep Security Agent and Deep Security Relay to client machines. The Notifier displays popup user notifications when the Deep Security Agent begins a scan, or blocks malware or access to malicious web pages. The Notifier also provides a console utility that allows the user to view events and configure whether popups are displayed. The Notifier has a small footprint on the client machine, requiring less than 1MB of disk space and 1MB of memory. When the Notifier is running the Notifier icon () appears in the system tray.

The Notifier is automatically installed by default with the Deep Security Agent on Windows computers. Use the Administration > Updates > Software > Local page to import the latest version for distribution and upgrades.

On computers running a Relay-enabled Agent, the Notifier displays the components that are being distributed to Agents/Appliances, not which components are in effect on the local computer.

standalone version of the Notifier can be downloaded and also installed on Virtual Machines that are receiving protection from a Deep Security Virtual Appliance. See the Installation Guide for installation instructions.

On VMs protected by a Virtual Appliance, the Anti-Malware module must be licensed and enabled on the VM for the Deep Security Notifier to display information.

The appliance is not available with Deep Security as a Service

How the Notifier Works

When malware is detected or a malicious site is blocked, the Deep Security Agent sends a message to the Notifier, which displays a popup message in the system tray.

If malware is detected, the Notifier displays a message in a system tray popup similar to the following:

If the user clicks on the message, a dialog box with detailed information about Anti-Malware Events is displayed:

When a malicious web page is blocked, the Notifier displays a message in a system tray popup similar to the following:

If the user clicks on the message, a dialog box with detailed information about Web Reputation Events is displayed:

The Notifier also provides a console utility for viewing the current protection status and component information, including pattern versions. The console utility allows the user to turn on and off the popup notifications and access detailed event information.

When the notifier is running on a computer hosting Deep Security Relay, the notifier's display shows the components being distributed by the relay and not the components that in effect on the computer.

When the notifier is running on a computer hosting Deep Security Scanner, the notifier shows that the scanner feature is enabled and the computer cannot be a relay host.