Uninstall Deep Security
When you manually uninstall the activated Deep Security Agent or relay from a computer, the computer does not notify Deep Security Manager that the software has been uninstalled. On the Computers page in Deep Security Manager, the computer's status is still displayed as Managed (Offline) or similar, depending on the context. To avoid this, on Deep Security Manager, do one of the following:
- Deactivate the agent or relay before uninstalling it.
- Delete the computer from the list after uninstalling the agent.
Uninstall a Deep Security relay
A Deep Security relay is an agent with the relay feature enabled. To remove the relay, you must uninstall the agent software.
Uninstall a relay on Windows
Before updating or uninstalling a Deep Security Agent or relay on Windows, you need to disable agent self-protection. To do this, on the Deep Security Manager, go to Computer editorTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). > Settings > General. In Agent Self Protection, either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override.
From the Windows Control Panel, select Add / Remove Programs, double-click Trend Micro Deep Security Agent, and then click Remove.
Alternatively, you can uninstall from the command line by executing the following:
msiexec /x <package name including extension>
For a silent uninstall, add /quiet to the preceding command.
Uninstall a relay on Linux
To completely remove the relay and any configuration files it created on a platform that uses the Red Hat package manager (RPM), such as CentOS, Amazon Linux, Oracle Linux, SUSE, or Cloud Linux, execute the following command:
# sudo rpm -ev ds_agent
Stopping ds_agent: [ OK ]
Unloading dsa_filter module [ OK ]
If iptables was enabled prior to the installation of the relay-enabled agent, it will be re-enabled when the relay-enabled agent is uninstalled.
Uninstall Deep Security Agent
Uninstall an agent on Windows
Before updating or uninstalling a Deep Security Agent or relay on Windows, you must disable agent self-protection. To do this, on the Deep Security Manager, go to Computer editorTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). > Settings > General. In Agent Self Protection, and then either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override.
- Deactivate the agent using Deep Security Manager by navigating to the Computers page, right-clicking the computer, and selecting Actions > Deactivate.
If you cannot deactivate the agent because Deep Security Manager is unable to communicate with the agent, you need to execute the following before continuing to the next step:C:\Program Files\Trend Micro\Deep Security Agent>dsa_control --selfprotect 0
- Open the Windows Control Panel and select Uninstall a program.
- Look for Trend Micro Deep Security Agent and click Uninstall.
Alternatively, you can uninstall from the command line by executing the following:
msiexec /x <package name including extension>
For a silent uninstall, add /quiet to the preceding command.
Uninstall an agent on Linux
Before uninstalling an agent on Linux, check whether or not agent self-protection is enabled. If it is enabled, you need to disable it on the policy or computer level. For more information, see Enable or disable agent self-protection in Linux.
If your version of Linux provides a graphical package management tool, you can search for the ds_agent
package and use the tool remove the package. Otherwise, use the command line.
To completely remove the agent and any configuration files it created on a platform that uses the Red Hat package manager (RPM), such as CentOS, Amazon Linux, Oracle Linux, SUSE, or Cloud Linux, execute the following command:
# sudo rpm -ev ds_agent
Stopping ds_agent: [ OK ]
Unloading dsa_filter module [ OK ]
If iptables was enabled prior to installing Deep Security Agent, it is re-enabled when the agent is uninstalled.
If the platform uses Debian package manager (dpkg), such as Debian and Ubuntu, execute the following command:
$ sudo dpkg -r ds-agent
$ sudo dpkg --purge ds-agent
Removing ds-agent...
Stopping ds_agent: .[OK]
Uninstall an agent on Solaris 10
Execute the following command:
pkgrm ds-agent
Uninstall may require a reboot.
Uninstall an agent on Solaris 11
Execute the following command:
pkg uninstall ds-agent
Uninstall may require a reboot.
Uninstall an agent on AIX
Execute the following command:
installp -u ds_agent
Uninstall an agent on Red Hat OpenShift
Execute the following command:
helm uninstall ds-agent
Uninstall Deep Security Notifier
Open the Windows Control Panel, select Add / Remove Programs, double-click Trend Micro Deep Security Notifier, and then click Remove.
To uninstall from the command line, execute the following command:
msiexec /x <package name including extension>
For a silent uninstall, add /quiet to the preceding command.
Uninstall Deep Security Manager
Uninstall the manager on Windows
From the Windows Start Menu, go to Trend Micro > Trend Micro Deep Security Manager Uninstaller and follow the steps to complete the uninstall.
To initiate the same Windows uninstall procedure from the command line, go to the installation folder and enter the following:
<installation folder>\Uninstall.exe
For a silent uninstall from the command line, add -q, as follows:
<installation folder>\Uninstall.exe -q
During a silent uninstall via the command line, the configuration files are kept so that if you reinstall, the installer repairs or upgrades the agent using existing settings.
Uninstall the manager on Linux
To uninstall via the command line, go to the installation folder and enter the following:
sudo ./uninstall
For a silent uninstall, add -q to the preceding command.
During a silent uninstall via the command line, the configuration files are kept by default so that if you reinstall, the installer repairs upgrades the agent using existing settings.
>If you do not keep the configuration files during the uninstall and you later decide to reinstall Deep Security Manager, perform a manual clean-up before reinstalling. To remove the Deep Security Manager installation directory, execute the following command:
sudo rm -rf <installation location>
The default installation location is /opt/dsm
.