まっちゃだいふくの日記

セキュリティのこと、ITの気になった記事をリンクしています。

Trend Micro Deep Security 10.0 Update 15 公開のお知らせ:サポート情報 : トレンドマイクロ@マネージャーにタイムゾーンが追加されたり、Deep Security AgentでHTTPSのロングリクエストでCPU100%になったりする対応みたい

Trend Micro Deep Security 10.0 Update 15 公開のお知らせ

Deep Security 10.0 Update 15 のモジュールを公開いたします。
■ 公開開始日

2018 年 10 月 31 日 (水)

■ 対象モジュール

Deep Security Manager
Linux 版 Deep Security Agent
Unix 版 Deep Security Agent
Windows 版 Deep Security Agent
Windows 版 Deep Security Notifier
■ 追加機能/修正内容

追加機能や修正内容は付属の Readme をご覧ください。
※日本語のReadmeは一か月以内を目安に公開いたします。

■ 入手方法

Deep Securityヘルプセンターからダウンロードできます。
「Deep Securityヘルプセンター」
また、以下の製品 Q&A も合わせてご参照ください。
Update プログラムとは

Manager

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancement is included in this release:
   
   Enhancement 1: [DSSEG-2902]
                  In this release, a time zone improvement has been
                  added to the Deep Security Manager logging.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issues:
     
   Issue 1:       [DSSEG-2798/01136786/SEG-34881]
                  "User Session Validation Failed" events occurred
                  unexpectedly when the Deep Security Manager sign-in
                  page was accessed.
   
   Solution 1:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:       [DSSEG-2743]
                  The previous heartbeat default buffer size (2 KB) was
                  too small in some environments, and could cause the
                  Deep Security Agent to fail to communicate properly
                  with the Deep Security Manager.
   
   Solution 2:    The socket buffer size for agent-initiated
                  communication is now configurable and the default
                  value has been increased to 32 KB.
                  To change the value, use this command: 
                  
                  dsm_c -action changesetting -name settings.configuration.heartbeatSocketBufferSize -value VALUE
                  
                  ... where VALUE is the buffer size, in bytes. For
                  example, to set the buffer to 2 KB, set the VALUE to
                  2048.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Agent

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancements are included in this release:
   
   Enhancement 1: [DSSEG-2827/SEG-34684]
                  Previously, the network engine would sometimes fill
                  the MAC field in event logs with zeros for outgoing
                  packets, to make the logs easier to read. This release
                  removes this behavior to avoid issues in an overlay
                  network environment. In the event logs, the MAC
                  address for outgoing packets may be empty or contain a
                  random number.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Enhancement 2: [DSSEG-2489]
                  Anti-Malware Scan Engine can be displayed and has the
                  option to enable or disable an Anti-Malware update.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Enhancement 3: [DSSEG-2257]
                  The Anti-Malware engine offline error is not reported 
                  when the computer is preparing to shutdown. 
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  
   Enhancement 4: [DSSEG-2746/SF00374619/SF00340345/00425845/00389528/
                  SF179909/00368352/SF159145/SF318628/00513686/00528775/
                  538145/441559/00611107]
                  In this release, the Deep Security Agent installer
                  checks the installation platform to prevent
                  installation of an agent that does not match the
                  platform. This feature is supported on: 
                  - Amazon Linux and Amazon Linux 2 
                  - Red Hat Enterprise Linux 5, 6 and 7 
                  - CentOS 5, 6 and 7 
                  - Cloud Linux 6 and 7 
                  - Oracle iLnux 5, 6 and 7 
                  - SUSE Linux Enterprise Server 11 and 12
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Enhancement 5: [DSSEG-2308]
                  The version of OpenSSL used by the Deep Security Agent
                  and Deep Security Relay has been updated
                  to openssl-1.0.2o.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~                 
   

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issues:
     
   Issue 1:       [DSSEG-2857/SEG-33085]
                  An unactivated Deep Security Agent could reach 100%
                  CPU usage when handling a long HTTPS request.
   
   Solution 1:    The issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:       [DSSEG-2799/SEG-34463]
                  The Agent operating system could crash when Anti-
                  Malware was enabled or the Agent was stopped.
   
   Solution 2:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Notifier

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancement(s) are included in this release:
   
   Enhancement 1: [DSSEG-2489]
                  Anti-Malware Scan Engine can be displayed and has the
                  option to enable or disable an Anti-Malware update
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Enhancement 2: [DSSEG-2257]
                  The Anti-Malware engine offline error is not reported 
                  when the computer is preparing to shutdown. 
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  
   Enhancement 3: [DSSEG-2308]
                  The version of OpenSSL used by the Deep Security Agent
                  and Deep Security Relay has been updated to 
                  openssl-1.0.2o.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~                 
   

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issues:
   
   Issue 1:       [DSSEG-2867/SEG-36902/SF01197096]
                  The Deep Security Agent could not be installed
                  properly on Windows XP and Windows 2003.
   
   Solution 1:    This issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:       [DSSEG-2857/SEG-33085]
                  An unactivated Deep Security Agent could reach 100%
                  CPU usage when handling a long HTTPS request.
   
   Solution 2:    The issue is fixed in this release.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~