New features

• Ubuntu 22.04 (AWS ARM-based Graviton 2) support: Deep Security Agent (version 20.0.0-5394+) is now supported on Ubuntu 22.04 (AWS ARM-based Graviton 2) (This requires Deep Security Manager version 20.0.677+.)

Enhancements

• The Deep Security Agent process will now restart automatically if the file descriptor count is abnormally high, and a counter was added to track how many times this event occurs. SF05212995/SEG-130431/DS-72616
• Application Control now detects software changes for executables with non executable extensions. DS-70805
• Updated Deep Security Agent to add support for inspecting packets using dynamic ports in a TLS connection. DS-71078
• Updated Deep Security Agent to add more metrics for Advanced TLS Inspection. DS-72833

Resolved issues

• When TLS inspection was done on a UDP connection with dynamic ports, the operating system would sometimes crash. SEG-151169/DS-73043
• Log Inspection Engine would go offline when using '$' character in match or regex fields together with variables. SEG-146965/SEG-146166/DS-72325
• Anti-Malware would sometimes leak file descriptors. SF05212995/SEG-130431/DS-72979
• When assigning a policy with real-time Anti-Malware turned off to a new guest VM, it would sometimes turn off real-time Anti-Malware for all other guest VMs registered to the same Deep Security Virtual Appliance. SEG-146057/DS-72856
• Application Control would still block access to network files while in maintenance mode. SF04922652/SEG-131710/DS-72037
• When Application Control is enabled, Adobe plugins were generating unexpected security events. SF05823607/SEG-148570/DS-72679
• Deep Security Agent would return "revision mismatch (-10039)" errors when loading certain configuration files during an agent update. DS-72499
• Deep Security Agent would report detected software changes before Application Control inventory scan was completed. DS-72071

Known issues

• When executing multiple custom script tasks, new tasks are currently overwritten by previous unfinished tasks. You can execute custom script tasks one by one to bypass this issue. (This issue will be fixed in a future release.) DS-72699

Enhancements

• Application Control now detects software changes for executables with non executable extensions. DS-70805
• Added SYSTEM user network drives and mount points for Windows to the information collected when generating a diagnostics package. DS-71816
• Updated Deep Security Agent to add support for inspecting packets using dynamic ports in a TLS connection. DS-71078
• Updated Deep Security Agent so Application Control will automatically authorize test PowerShell scripts created by AppLocker. DS-71762
• Behavior Monitoring exclusions now support wildcard characters. DS-71976
• Updated Deep Security Agent to add more metrics for Advanced TLS Inspection. DS-72833

Resolved issues

• When TLS inspection was done on a UDP connection with dynamic ports, the operating system would sometimes crash. SEG-151169/DS-73043
• Log Inspection Engine would go offline when using '$' character in match or regex fields together with variables. SEG-146965/SEG-146166/DS-72325
• When assigning a policy with real-time Anti-Malware turned off to a new guest VM, it would sometimes turn off real-time Anti-Malware for all other guest VMs registered to the same Deep Security Virtual Appliance. SEG-146057/DS-72856
• When Behavior Monitoring is enabled, Deep Security Agent would sometimes prevent Docker on Windows from starting. SF05709278/SEG-146323/DSSEG-7660
• Application Control would still block access to network files while in maintenance mode. SF04922652/SEG-131710/DS-72037
• When Application Control is enabled, Adobe plugins were generating unexpected security events. SF05823607/SEG-148570/DS-72679
• Deep Security Agent would sometimes retrieve incorrect PID information on Windows for connection metrics and log events. DS-72526
• Deep Security Agent would return "revision mismatch (-10039)" errors when loading certain configuration files during an agent update. DS-72499
• Deep Security Agent would report detected software changes before Application Control inventory scan was completed. DS-72071

Known issues

• When executing multiple custom script tasks, new tasks are currently overwritten by previous unfinished tasks. You can execute custom script tasks one by one to bypass this issue. (This issue will be fixed in a future release.) DS-72699
• Deep Security Agent versions 20.0.0-5137+ are unable to load the third party libraries needed for Activity Monitoring on Windows 2008 platform. If you need Activity Monitoring for a Windows 2008 system, please avoid upgrading your agent. (This issue will be fixed in a future release.) DS-72573

New features

• AIX7.3 support: Deep Security Agent (version 20.0.0-5394+) now supports AIX7.3 (This requires Deep Security Manager version 20.0.677+.)

Enhancements

• Application Control now detects software changes for executables with non executable extensions. DS-70805
• Updated Deep Security Agent to add support for inspecting packets using dynamic ports in a TLS connection. DS-71078
• Updated Deep Security Agent to add more metrics for Advanced TLS Inspection. DS-72833

Resolved issues

• When TLS inspection was done on a UDP connection with dynamic ports, the operating system would sometimes crash. SEG-151169/DS-73043
• Log Inspection Engine would go offline when using '$' character in match or regex fields together with variables. SEG-146965/SEG-146166/DS-72325
• When assigning a policy with real-time Anti-Malware turned off to a new guest VM, it would sometimes turn off real-time Anti-Malware for all other guest VMs registered to the same Deep Security Virtual Appliance. SEG-146057/DS-72856
• Application Control would still block access to network files while in maintenance mode. SF04922652/SEG-131710/DS-72037
• When Application Control is enabled, Adobe plugins were generating unexpected security events. SF05823607/SEG-148570/DS-72679
• Deep Security Agent would return "revision mismatch (-10039)" errors when loading certain configuration files during an agent update. DS-72499
• Deep Security Agent would report detected software changes before Application Control inventory scan was completed. DS-72071

Known issues

• When executing multiple custom script tasks, new tasks are currently overwritten by previous unfinished tasks. You can execute custom script tasks one by one to bypass this issue. (This issue will be fixed in a future release.) DS-72699

New features

• Activity Monitoring: Deep Security Agent for macOS (version 20.0.0-173+) now supports File Collection response from Trend Micro Vision One Portal.

OS proxy: Deep Security Agent for macOS (version 20.0.0-173+) can now apply the operating system's proxy settings to automatically connect to Trend Micro Cloud One - Workload Security, Deep Security Relay, and other Trend Micro backend services if the default agent-configured proxy loses its connection.

In preview

• Activity Monitoring: Deep Security Agent for macOS (version 20.0.0-173+) supports Remote Shell response from Vision One Portal. For details and a list of supported commands, see Remote Shell.