Deep Security Manager - 20.0.447 (20 LTS Update 2021-06-28)
Release date: June 28, 2021
Build number: 20.0.447New Feature
- Re-parent agents: Deep Security Manager now supports moving agents to Trend Micro Cloud One Workload Security using the new "MoveAgent" API command. This command automates the process of re-parenting an activated Deep Security Agent from its current on-premise manager to a Workload Security tenant. If re-parenting is unsuccessful, the agent will re-activate with its on-premise manager, retaining its previous configuration.
Due to feature differences between the Deep Security and Workload Security managers, move tasks may be refused to prevent unexpected behaviors. Customers should disable the following features before moving agents:
- FIPS 140-2: Deep Security Manager will refuse move tasks if FIPS 140-2 support is enabled.
- Deep Security Virtual Appliance: Computers protected by Deep Security Virtual Appliance (agentless or combined mode) will refuse move tasks.
- SAP NetWeaver integration: Agents with SAP NetWeaver integration will accept move tasks. However, after being moved to Workload Security, the SAP NetWeaver integration will not be available until it is supported on Workload Security.
Enhancements
- Updated Deep Security Manager to add PostgreSQL 12 and PostgreSQL 13 database support. DS-59911
- Removed the Windows logo that was displayed next to Predictive Machine Learning in the Deep Security Manager UI. (Predictive Machine Learning is currently supported by all Windows agents as well as Linux agents version 20.0.0-2395+.) DS-62929
- Updated Deep Security Manager to note which agent versions support Behavior Monitoring "Pass" action: Deep Security Agent 20.0.0-1559+ (Windows) and Deep Security Agent 20.0.0-1822+ (Linux). DS-62937
- Updated the "Activity Data Forwarding" description (Administration > System Settings > Trend Micro Vision One) to provide more information on script deployment. DS-63278
- Updated the Endpoint Basecamp deployment script (Administration > System Settings > Trend Micro Vision One > Activity Data Forwarding) to improve support on some platforms, and updated script deployment error messages to be more descriptive. SEG-109629/DS-63157
Resolved issues
- In Deep Security Manager's Tenants page (Administration > Tenants), some columns were being sorted based only on the first digit of the number of events or jobs, instead of being sorted based on the entire number. SEG-107657/DS-62544
- Deep Security Manager had high memory consumption when querying databases with a large number of security profiles. SEG-103097/SF04265571/DS-61490
- Anti-Malware Real-Time Scan Configuration policies sometimes did not reset to their inherited value properly. DS-63835
- System event messages sometimes contained information referencing the wrong operating system. SF04443281/SEG-111629/DS-64089
What's new in Deep Security Manager? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-63110/DS-61049
- Highest CVSS: 5.8
- Highest severity: Low
