Supported features by platform

The tables below list the features available for each OS platform of Deep Security Agent 20 :

Older agents are compatible with other platforms (although they don't support new features). See Deep Security Agent platforms for a complete list of compatible agents. To see the features available with older agents:

Microsoft Windows

Deep Security Agent is supported with both Full/Desktop Experience and Server Core installations of Windows Server 2012 and later (any exceptions for particular features are noted in the table below). For Windows Server 2008 and 2008 R2, only Full Installations are supported.

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Services, Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Services, Processes, Listening Ports
Windows 7 (32‑bit)        
Windows 7 (64‑bit)    
Windows 7 Embedded (32‑bit) (3)              
Windows Server 2008 (32‑bit)        
Windows Server 2008 (64‑bit)    
Windows Server 2008 R2 (64‑bit)   (1) (1)
Windows 8 (32‑bit)        
Windows 8 (64‑bit)    
Windows 8.1 (32‑bit)        
Windows 8.1 (64‑bit)      
Windows 8.1 Embedded (32‑bit) (3)              
Windows 10 (32‑bit) (2)        
Windows 10 (64‑bit) (2)    
Windows 10 Embedded (64‑bit) (3)      
Windows Server 2012 (64‑bit)   (1)(5) (1)(5) (5)
Windows Server 2012 R2 (64‑bit)   (1) (1)
Windows Server 2016
(LTSC, version 1607) (64‑bit)
  (1) (1)
Windows Server Core (SAC, version 1709) (64‑bit)(2)   (1) (1)
Windows Server 2019
(LTSC, version 1809) (64‑bit)
  (1) (1)

Red Hat Enterprise Linux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
Red Hat Enterprise Linux 6 (32‑bit) (4)                  
Red Hat Enterprise Linux 6 (64‑bit) (4)     (1)      
Red Hat Enterprise Linux 7 (64‑bit) (4)     (1)    
Red Hat Enterprise Linux 8 (64‑bit) (4)     (1)      

CentOS Linux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
CentOS 6 (32‑bit) (4)                  
CentOS 6 (64‑bit) (4)     (1)      
CentOS 7 (64‑bit) (4)     (1)    
CentOS 8 (64-bit) (4)     (1)      

Oracle Linux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
Oracle Linux 6 (32‑bit)                    
Oracle Linux 6 (64‑bit) (4)     (1)      
Oracle Linux 7 (64‑bit) (4)     (1)      
Oracle Linux 8 (64-bit) (4)     (1)      

SUSE Linux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
SUSE Linux Enterprise Server 12 SP1, SP2, SP3 (64‑bit) (4)     (1)      
SUSE Linux Enterprise Server 15 (64‑bit) (4)     (1)      

Ubuntu Linux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
Ubuntu 16 (64‑bit) (4)     (1)      
Ubuntu 18 (64‑bit) (4)     (1)      
Ubuntu 20.04 (64‑bit) (4)     (1)      

Debian Linux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
Debian 8 (64‑bit) (4)     (1)      
Debian 9 (64‑bit) (4)     (1)      
Debian Linux 10 (64-bit) (4)     (1)      

CloudLinux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
CloudLinux 7, 8 (64‑bit) (4)     (1)      

Amazon Linux

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
Amazon Linux (64‑bit) (4)     (1)      
Amazon Linux 2 (64‑bit) (4)     (1)      

Solaris

See How does agent protection work for Solaris zones? for more on how protection works between Solaris zones. For a list of supported Solaris versions, see Deep Security Agent platforms.

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay Scanner FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic File Scans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
Solaris    

         

AIX

For a list of supported AIX versions, see Deep Security Agent platforms.

Anti-Malware Web Reputation Service Firewall Intrusion
Prevention
System
Integrity
Monitoring
Log Inspection Application Control Recommen-
dation Scan
Relay Scanner FIPS mode
  Real-time On-demand Real-time On-demand
Feature set 1 Feature set 2 Feature set 1 Feature set 2 Unencrypted Traffic SSL Encrypted Traffic FileScans Directory Scans Scans of Running Processes, Listening Ports File and Directory Scans Registry Scans Scans of Running Processes, Listening Ports
AIX 6.1, 7.1, 7.2                  

Feature set 1 includes signature-based file scanning, spyware scanning, and document exploit protection.

Feature set 2 includes behavior monitoring, process memory scanning, and registry scanning.

(1) This platform supports enhanced real-time integrity monitoring. It uses the application control driver to provide file monitoring and captures information about who made changes to a monitored file.

(2) Microsoft releases regular, semi-annual releases for Microsoft Windows 10 and Windows Server Core. For details about which specific releases are supported, see Deep Security Support for Windows 10 and Deep Security Support for Windows Server Core.

(3) All Trend Micro testing on Windows Embedded platforms is performed in a virtualized environment. Because these operating systems are typically run on custom hardware (for example, on point-of-sale terminals), customers must plan to thoroughly test on their target hardware platform prior to deployment in a production environment. In addition, before raising support cases, customers should attempt to reproduce problems in a virtualized environment because this is the environment the Trend Micro support team has available. If the issue is specific to deployments on custom hardware, Trend Micro may require the customer to provide us with remote access to a suitable environment before we can fully respond to support cases.

(4) Real-time Anti-Malware support on Linux: Real-time Anti-Malware scanning is highly dependent on the file system hooking implementation, so file system incompatibility can cause issues with this feature. The following table shows which file systems are compatible with the feature:

File system type       Deep Security Agent version
20 12 FR 12.0 11.3 11.2 11.1 11.0 10.3 10.2 10.1 10.0 9.6
Disk file systems ext2
ext3
ext4
XFS
Btrfs
VFAT
Optical discs ISO 9660
Special file systems tmpfs
aufs  
OverlayFS
Network file systems
(see Note, below)
NFSv3
NFSv4
SMB
CIFS
FTP

To protect network file systems, you must select Enable network directory scan in the malware scan configuration. For information, see Scan a network directory (real-time scan only).

(5) This feature is available only with Full/Desktop Experience installations. It is not supported with Server Core installations.