What's new?

Below are recent changes to Deep Security as a Service.

  • Product Usage Data Collection: The "Product Usage Data Collection" setting is now enabled by default. This can be disabled on Administration > System Settings > Advanced of the Deep Security Manager.
  • Filter smart folders by Agent version: When creating a smart folder, you can now select "Version" as the filter criteria to filter computers based on their Agent version. For more information, see Group computers dynamically with smart folders.
  • Filter smart folders by task: When creating a smart folder, you can now select "Task(s)" as the filter criteria, which filters for values displayed in the "Task(s)" column on the Computers page. For example, you could create a smart folder that lists all computers that contain "Scheduled Malware Scan Pending (Offline)" as the task. Additionally, if you are using the Deep Security API to search for computers, you can now search on the value of the tasks/agentTasks and tasks/applianceTasks fields. For more information, see Group computers dynamically with smart folders.
  • Application Control API: Application Control API capabilities have been added to the /api. For more information, visit the Deep Security Automation Center.
  • Azure 'Quick' mode removal: Previously, the Add Azure Account wizard in Deep Security as a Service included the ability to select a Quick mode and an Advanced mode. In this release, Quick mode has been removed because it required giving excessive permissions to Deep Security as a Service. If you used Quick mode in prior releases, there is no impact to your deployment.
  • Deep Security API updates: The Deep Security API now includes a Python SDK and the API reference includes Python examples. The API also introduces a new /roles endpoint. For more information, visit the Deep Security Automation Center.
  • Upgrade on activation: Deep Security as a Service provides an option that instructs Deep Security Agents to automatically upgrade to the latest compatible version of the agent software when the agent is activated. For details, see Automatically upgrade agents on activation.

    Upgrade on activation is initially supported for Linux platforms only (Windows and UNIX platforms are skipped when the feature is enabled) and is controlled through a global system setting.

  • Logging improvement: To help with troubleshooting and to allow for the correlation of events between the Deep Security Manager and the Deep Security Agent, you can now choose to include the time zone in events. See Forward Deep Security events to an external syslog or SIEM server.
  • New agent platform support: Deep Security Agent 11.3 adds support for:
    • Windows 10 version 1809 (RS5)
    • Windows Server 2019
    • Windows 10 Embedded (64-bit), Windows 8.1 Embedded (32-bit), and Windows 7 Embedded (32-bit). For important details about Windows Embedded support, see Supported features by platform.