Why am I getting "Unrecognized Client" events?

The Unrecognized Client event message appears when the Deep Security Manager is contacted by a Deep Security Agent that it doesn't recognize.

The most common reason is that an instance has been manually deleted from the Computers page in Deep Security Manager before deactivating the agent on that instance.

The Deep Security Agent on the instance will continue to try to connect to the Deep Security Manager periodically, generating the Contact by Unrecognized Client event message.

In order to bring the deleted computer back into the list of computers in Deep Security Manager, you need to do the following:

  1. Go to Administration > System Settings > Agents > Agent-Initiated Activation and select Allow reactivation of unknown VMs. With this setting enabled, instances will be re-added on their next heartbeat.
  2. If you no longer want to protect this computer, use the Computer > Actions menu to deactivate the agent.

Note: After the agent has been deactivated, then you can manually delete the computer from the Computers list in the Deep Security Manager.