Uninstall Deep Security

When you manually uninstall the activated Deep Security Agent or relay from a computer, the computer does not notify Deep Security Manager that the software has been uninstalled. On the Computers page in Deep Security Manager, the computer's status is still displayed as Managed (Offline) or similar, depending on the context. To avoid this, on Deep Security Manager, do one of the following:

  • Deactivate the agent or relay before uninstalling it.
  • Delete the computer from the list after uninstalling the agent.

Uninstall a Deep Security relay

A Deep Security relay is an agent with the relay feature enabled. To remove the relay, you must uninstall the agent software.

Uninstall a relay on Windows

Before updating or uninstalling a Deep Security Agent or relay on Windows, you need to disable agent self-protection. To do this, on the Deep Security Manager, go to Computer editorClosedTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). > Settings > General. In Agent Self Protection, either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override.

From the Windows Control Panel, select Add / Remove Programs, double-click Trend Micro Deep Security Agent, and then click Remove.

Alternatively, you can uninstall from the command line by executing the following:

msiexec /x <package name including extension>

For a silent uninstall, add /quiet to the preceding command.

Uninstall a relay on Linux

To completely remove the relay and any configuration files it created on a platform that uses the Red Hat package manager (RPM), such as CentOS, Amazon Linux, Oracle Linux, SUSE, or Cloud Linux, execute the following command:

# sudo rpm -ev ds_agent
Stopping ds_agent: [ OK ]
Unloading dsa_filter module [ OK ]

If iptables was enabled prior to the installation of the relay-enabled agent, it will be re-enabled when the relay-enabled agent is uninstalled.

Remember to remove the relay-enabled agent from the Deep Security Manager's list of managed computers and from the relay group.

Uninstall Deep Security Agent

Uninstall an agent on Windows

Before updating or uninstalling a Deep Security Agent or relay on Windows, you must disable agent self-protection. To do this, on the Deep Security Manager, go to Computer editorClosedTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). > Settings > General. In Agent Self Protection, and then either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override.

  1. Deactivate the agent using Deep Security Manager by navigating to the Computers page, right-clicking the computer, and selecting Actions > Deactivate.
    If you cannot deactivate the agent because Deep Security Manager is unable to communicate with the agent, you need to execute the following before continuing to the next step:
    C:\Program Files\Trend Micro\Deep Security Agent>dsa_control --selfprotect 0
  2. Open the Windows Control Panel and select Uninstall a program.
  3. Look for Trend Micro Deep Security Agent and click Uninstall.

Alternatively, you can uninstall from the command line by executing the following:

msiexec /x <package name including extension>

For a silent uninstall, add /quiet to the preceding command.

Uninstall an agent on Linux

Before uninstalling an agent on Linux, check whether or not agent self-protection is enabled. If it is enabled, you need to disable it on the policy or computer level. For more information, see Enable or disable agent self-protection in Linux.

If your version of Linux provides a graphical package management tool, you can search for the ds_agent package and use the tool remove the package. Otherwise, use the command line.

To completely remove the agent and any configuration files it created on a platform that uses the Red Hat package manager (RPM), such as CentOS, Amazon Linux, Oracle Linux, SUSE, or Cloud Linux, execute the following command:

# sudo rpm -ev ds_agent
Stopping ds_agent: [ OK ]
Unloading dsa_filter module [ OK ]

If iptables was enabled prior to installing Deep Security Agent, it is re-enabled when the agent is uninstalled.

If the platform uses Debian package manager (dpkg), such as Debian and Ubuntu, execute the following command:

$ sudo dpkg -r ds-agent
Removing ds-agent...
Stopping ds_agent: .[OK]

Uninstall an agent on Solaris 10

Execute the following command:

pkgrm ds-agent

Uninstall may require a reboot.

Uninstall an agent on Solaris 11

Execute the following command:

pkg uninstall ds-agent

Uninstall may require a reboot.

Uninstall an agent on AIX

Execute the following command:

installp -u ds_agent

Uninstall an agent on Red Hat OpenShift

Execute the following command:

helm uninstall ds-agent

Uninstall Deep Security Notifier

Open the Windows Control Panel, select Add / Remove Programs, double-click Trend Micro Deep Security Notifier, and then click Remove.

To uninstall from the command line, execute the following command:

msiexec /x <package name including extension>

For a silent uninstall, add /quiet to the preceding command.

Uninstall Deep Security Manager

Uninstall the manager on Windows

From the Windows Start Menu, go to Trend Micro > Trend Micro Deep Security Manager Uninstaller and follow the steps to complete the uninstall.

To initiate the same Windows uninstall procedure from the command line, go to the installation folder and enter the following:

<installation folder>\Uninstall.exe

For a silent uninstall from the command line, add -q, as follows:

<installation folder>\Uninstall.exe -q

During a silent uninstall via the command line, the configuration files are kept so that if you reinstall, the installer repairs or upgrades the agent using existing settings.

Uninstall the manager on Linux

To uninstall via the command line, go to the installation folder and enter the following:

sudo ./uninstall

For a silent uninstall, add -q to the preceding command.

During a silent uninstall via the command line, the configuration files are kept by default so that if you reinstall, the installer repairs upgrades the agent using existing settings.

>If you do not keep the configuration files during the uninstall and you later decide to reinstall Deep Security Manager, perform a manual clean-up before reinstalling. To remove the Deep Security Manager installation directory, execute the following command:

sudo rm -rf <installation location>

The default installation location is /opt/dsm.