How do relays work?

Deep Security Relays are agents where you have enabled the relay feature, available in Deep Security Agent 9.5 or newer for Windows / Linux [64-bit only].

Relays update your agents more quickly, reduce manager load, and save Internet connection / WAN bandwidth.

If there were no relays, many agents might connect at the same time to Trend Micro Active Update servers or Deep Security Manager to download security updates or software, respectively. This could cause slow Internet access, increased load, and slow agent updates. With relays, one or few relays download updates directly, usually through your Internet connection. Then the agents on your local network download from relays. Each relay divides the agent update load, and only the local network is used.

Relays can also download security updates from an alternative update source. See Ensure your computers have the latest threat information.

Every relay belongs to a relay group, even if the group only has one relay. Relay groups — not individual relays — are assigned to agents / appliances for redundancy: if a relay is offline, another relay in the group can provide updates. By default, all new relays belong to "Default Relay Group." Every Deep Security deployment needs at least one relay group so that your agents / appliances can download security updates and software, but to optimize performance, usually you should have more relays. For sizing information, see Should I enable more relays?