Trend Micro Deep Security 9.5 ( Deep Security Agent ) – Part 6

Pls check my previous blogs for the DSM , Relay Server , vShield Endpoint, Filter Driver and DSVA installation and  all its features.In this Blog we will see the Deep Security Agent functions and steps involved to install it in Linux and Physical Windows Server.

Deep Security Agent  : Non-Windows VMs (such as Linux), the agent is deployed directly to the VM’s OS computer, providing Intrusion Prevention, Firewall, Web Application Protection, Application Control, Integrity Monitoring and Log Inspection protection. This is the traditional client-server deployment model and the agent could be included within the imaging process or pushed out from the DSM.

Deep Security Agent

  • Memory:

◦ with Anti-Malware protection: 512MB

◦ without Anti-Malware protection: 128MB

  • Disk Space: 1GB

◦ with Anti-Malware protection: 1GB

◦ without Anti-Malware protection: 500MB

◦ with Relay functionality enabled: 8GB

  • Supported Platforms: Windows, Linux, Solaris, AIX, HP-UX, CloudLinux, Amazon Lin ux, Oracle Linux, Ubuntu, SuSE.

Like DSVA make sure the PORTS are open in firewall between Linux installed agent server and DSM\Relay server.

DSM –> DSA installed Linux Server

port used: 4118 for manager initiated communication

DSA installed Linux Server–> DSM

port used: 4120 for agent initiated communiction

DSA installed Linux Server –> Relay

Port used: 4122 for sending updates etc

Pls check the below link for kernel support by Trend.

For Deep Security v9.6

For Deep Security v9.5 SP1

For feature_matrix

Installation Steps of DSA in Linux Server.

In Linux Server pls follow the below steps to install the agant.

Go to the linux machine –

Copy the rpm file to the Linux machine.

Install the agent.  #rpm -ivh filename.rpm

After the installation, check the status of the ds_agent.  #service ds_agent status

Activate the machine using the Deep Security Web Console.

If the machine shows managed (online) status, then proceed to assign a security policy with anti-malware feature enabled.

Wait for a few minutes and see if anti-malware protection comes online.

Anti-Malware Engine offline after DSA instillation. 

Once the DSA Installation is completed , Linux Server have to report to DSM with Anti-Malware Engine online , In case if its showing offline then check the Relay Server service and also thethe above mentioned ports between Linux server and Relay Server . If port is open but still the engine is offline then follow the below method to fix the same.

DSA

. Unassign the Security Policy from the machine

De-activate the agent.

Go to the linux machine, uninstall the ds_agent and Re-install with the same installation steps.

DSA Additional Information:

We can see Deep Security Agent releted files in the below path.

Go to cd\opt\ds_agent

linux

To get logs related to DSA  Under log :

more messages | grep filter

To get the Installation related files:

rpm -ql ds_agent.

linux2

 

DSA Installation on Windows Physical Machines , Its very straight froward , just down load the latest agent from the local in DSM and start the installation like below.

wdsa

 

wdsa1

 

 

 

Once the installation is completed , we can see the icon in the status bar and also the agent in the services..

 

 

wdsa2

wdsa3

In My Next Blog we can see the Installation and function of Trend Smart Protection Server.

Advertisements
This entry was posted in Trend Micro Deep Security and tagged , , , . Bookmark the permalink.

One Response to Trend Micro Deep Security 9.5 ( Deep Security Agent ) – Part 6

  1. Pingback: Trend Micro Deep Security 9.5 ( Smart Scanning Protection Server – SSP Server) – Part 7 | Techbrainblog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s