Deep Security 9 SP1 p2 Installation Deep Security Virtual Appliance The Deep Security Virtual Appliance

  • View
    0

  • Download
    0

Embed Size (px)

Text of Deep Security 9 SP1 p2 Installation Deep Security Virtual Appliance The Deep Security Virtual...

  • Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before

    installing and using the software, please review the readme files, release notes, and the latest version of the applicable user documentation,

    which are available from the Trend Micro Web site at:

    http://www.trendmicro.com/download

    Trend Micro, the Trend Micro t-ball logo, Deep Security, Control Server Plug-in, Damage Cleanup Services, eServer Plug-in, InterScan,

    Network VirusWall, ScanMail, ServerProtect, and TrendLabs are trademarks or registered trademarks of Trend Micro, Incorporated. All other

    product or company names may be trademarks or registered trademarks of their owners.

    Document version: 1.0

    Document number: APEM96199/131029

    Release date: December 2013

    Document generated: Dec 13, 2013 (16:11:08)

    Deep Security 9 SP1 p2 Installation Guide

    2

    http://www.trendmicro.com/download

  • Table of Contents

    Introduction ........................................................................................................................................5

    About Deep Security ................................................................................................................................................................................6

    What's New in Deep Security 9 SP1 .....................................................................................................................................................10

    Agent-Based Protection Models.............................................................................................................................................................14

    Agentless Protection Models..................................................................................................................................................................16

    Hybrid Protection Models ......................................................................................................................................................................19

    Installation ........................................................................................................................................21

    What you will Need................................................................................................................................................................................22

    System Requirements .............................................................................................................................................................................28

    Preparing a VMware Environment for Agentless Protection.................................................................................................................31

    Install a Database for Deep Security ......................................................................................................................................................34

    Installing a Database for Deep Security (Multi-Tenancy Requirements) ..............................................................................................35

    Install Deep Security Manager ...............................................................................................................................................................39

    Installing the Deep Security Relay.........................................................................................................................................................43

    Preparing ESXi for Deep Security Virtual Appliance Deployment .......................................................................................................46

    Deploying the Deep Security Virtual Appliance....................................................................................................................................48

    Automatically Deploying an Appliance for Stateless ESXi...................................................................................................................51

    Install Deep Security Agents..................................................................................................................................................................57

    Installing the Deep Security Notifier......................................................................................................................................................67

    Enable Multi-Tenancy ............................................................................................................................................................................68

    Multi-Tenancy (Advanced) ....................................................................................................................................................................78

    Configure vCloud for Integration with Deep Security ...........................................................................................................................81

    Configure Amazon EC2 Resources for Integration with Deep Security................................................................................................85

    Upgrading .........................................................................................................................................86

    Upgrade Scenarios..................................................................................................................................................................................87

    Upgrading Deep Security 8.0 SP2 Software Components .....................................................................................................................88

    Upgrading from DS 8.0 SP2 with Agentless Anti-Malware Protection (Includes upgrading ESX/ESXi 4.1 to 5.0, 5.1, or 5.5) .........91

    Upgrading from Deep Security 8.0 SP2 with Agentless FW and IPS Only (Upgrading from ESX/ESXi 4.1 to 5.0, 5.1, or 5.5) ........95

    Upgrading from Deep Security 8.0 SP2 with In-guest Agent-Based Protection Only ..........................................................................98

    Upgrade Deep Security Agents ..............................................................................................................................................................99

    Upgrade the Deep Security Notifier .....................................................................................................................................................100

  • Quick Start ......................................................................................................................................101

    Quick Start: System Configuration ......................................................................................................................................................102

    Quick Start: Protecting a Server...........................................................................................................................................................110

    Import Deep Security Software............................................................................................................................................................119

    Configuring the Deep Security Relay ..................................................................................................................................................121

    Appendices .....................................................................................................................................123

    Supported Features by Platform...........................................................................................................................................................124

    Deep Security Manager Settings Properties File..................................................................................................................................126

    Deep Security Manager Memory Usage ..............................................................................................................................................133

    Deep Security Virtual Appliance Memory Usage................................................................................................................................134

    Performance Features ...........................................................................................................................................................................135

    Creating an SSL Authentication Certificate .........................................................................................................................................137

    Minimum VMware Privileges for DSVA Deployment ........................................................................................................................140

    Uninstalling Deep Security ..................................................................................................................................................................143

    Frequently Asked Questions ................................................................................................................................................................148

    Troubleshooting....................................................................................................................................................................................150

  • Introduction

  • About Deep Security