NSX Bytes: Trend Deep Security 9.6 DSVA Deployment Gotchya

06/15/2016 / Anthony Spiteri

This week I’ve been working with Trend Deep Security 9.6 to get a Proof of Concept up and running to protect some internal management virtual machines with Trends agentless protection feature. Trend now integrates with NSX and In an NSX enabled environment, the Deep Security Virtual Appliance (DSVA) provides Anti-Malware, Integrity Monitoring, Web Reputation Service, Firewall, and Intrusion Prevention for your virtual machines, without requiring an Agent.

After following the Install Guide and having installed the Deep Security Manager and connected the vCenter and NSX Managers through the DSM Web Console I installed the NSX Guest Introspection ESX Agents under Service Deployments and got to the part to deploy the Trend Micro Deep Security Service from the same location in the Web Client I got the following error.

Checking the Service Definitions menu under Trend Micro I saw that the Deployment settings looked correct as per the install guide. Heading to the URL provided I got an error from the DSM saying that there was a database error and the file was not found…matching the error above.

After a little digging I checked to see what was listed in the DSM Local Software repository and couldn’t see the ESX Agent in the list. This needs to be imported first before you can use the Service Deployment section to deploy the Trend Micro DSVAs (Download Link). Under > Updates > Software > Local page and click Import. Once imported you should see the following.

Once that has been done you can click on the Resolve Button in the System Alarm window of the NSX Service Deployment section and the appliances will be deployed as version 9.5 as shown below.

Important Note:
EDIT: Trend has responded in the comments:

As mentioned on the download page:

If you are implementing Agentless protection, install the 9.5 version of the DSVA and import the Agent Software for Red Hat Enterprise Linux 6 64-bit package. Afterward, the DSVA will be able to upgrade to the version 9.6…but DONT!

Upgrade Notice: Version 9.6 of the DSVA is limited to providing Anti-Malware and Integrity Monitoring protection for your virtual machines. If you need pure Agentless protection with Anti-Malware, Firewall, Intrusion Prevention and Integrity Monitoring, do not activate the Deep Security Agent on the VMs and do not upgrade your DSVA to 9.6.

So if you want that agentless protection for all Trend Deep Security features as listed above do not upgrade to the 9.6 version of the DSVA. I’m not sure why this is the case, but I will chase this up and update this post when I know more.

References:

http://docs.trendmicro.com/all/ent/ds/v9.6/en-us/Deep_Security_96_Install_Guide_nsx_EN.pdf

http://downloadcenter.trendmicro.com/index.php?regs=NABU&clk=latest&clkval=4856&lang_loc=1

NSX Trend VSA

Released: PernixData FVP 3.5 and Architect 1.1

About the Author - Anthony Spiteri

Regional CTO APJ, Veeam Product Strategy & Lead Cloud and Service Provider Technologist Anthony works in Product Strategy and the Office of the CTO at Veeam. Anthony focuses on Veeam’s Cloud and Service Provider technologies and partners along with automation, IaC and modern application platforms. Anthony previously held architectural lead roles at some of Australia's leading Cloud providers. At Veeam, he is responsible for generating content, evangelism, collecting product feedback, presenting at major events and engaging with Analyst and Media as an official Veeam spokesperson. With a Master’s Degree in Network and System Administration (Distinction) from Charles Sturt, he can be found blogging at https://anthonyspiteri.net or hosting the Great Things with Great Tech Podcast at https://gtwgt.com

VIRTUALIZATION IS LIFE!