Trend Micro Deep Security v8 is out Friday

With Trend Micro Deep Security v8 out this Friday, the 27th of January, and Trend Manager v8 already available for download, I thought I would document my current list of issues I hope will be fixed in the new release.

Areas that could be improved:

  • When you Prepare an ESX Host, there is no mention in the window of which host you are preparing. It gets extremely confusing when you are trying to prepare a large cluster, as immediately after preparing the ESX host the next action is to deploy the virtual appliance, and there is no indicator of which host you are working on, so you don’t know which virtual appliance you are deploying or what to name it.
  • Leading on from the point above, it would be great if this process could be automated. Why do you have to manually deploy the filter to a single host at a time? You should be able to select a cluster and select Deploy filter. Their solution doesn’t scale well! I pity the fool who has a 50-node cluster to roll Trend out to.
  • It would be great to be able to deploy the Trend agent (and now that I mention it, vShield Endpoint agent) to VMs from within Trend Manager. Maybe I missed something here, but I don’t think that is a feature currently.
  • Every time I vMotion a VM, the status changes to ‘virtual machine unprotected during move to another ESX.’ I spend my whole time clearing ‘warnings/errors’, as there is often a spurious message being displayed, which means you cannot see the current status of the VM. There really needs to be an extra column for Alerts to separate these messages from the Status column, as these messages often have no bearing on the status.
  • In the quick start guide there is no mention of the DRS rules or groups that should be configured to ensure that the virtual appliances remain on the correct hosts as well as the preferred HA settings to ensure the virtual appliances are left ‘powered on’ under the isolation response settings.
  • The current version of DS does not support wildcards, so you have to exclude the whole folder (D:\WINDOWS\NTDS); you cannot, for instance, exclude NTDS*.* from the D:\WINDOWS\NTDS folder. This is AV 101. Not sure why it wasn’t included!

I welcome any additions to this list!

2 responses to “Trend Micro Deep Security v8 is out Friday”

  1. FYI, the inability to do file-level exclusions (i.e. NTDS*.*) is not related to DS, but rather related to VMware’s vShield Endpoint driver. I am running McAfee MOVE and it has the same limitation. The only way to go around this is to use a thin agent that the vendor provides (McAfee does and I believe TrendMicro as well). Only problem is, the thin agent needs to be licensed on a per endpoint basis…

  2. Thanks for the info, Benoit. Looks like Trend have fixed this issue with DS 8 SP1, as it supports wildcards now as well as supporting Linux clients. (About time!)
