Noch im Dezember 2013 gab es die Aussage seitens Trendmicro, ESXi 5.5 Hosts werden von DeepsSecurity 9 nicht mehr unterstützt. Tatsächlich gab es Probleme beim Upgrade von vSphere 5.1 auf vSphere 5.5, wenn gleichzeitig DeepSecurity installiert war. Dies wurde jedoch schnell revidiert und Trendmicro brachte eine Erklärung heraus, dass ESXi 5.5 Hosts unter bestimmten Voraussetzungen unterstützt werden. Eine dieser Voraussetzungen ist die Installation des DS9 SP1 Patch2. Den genauen Zusammenhang zwischen ESXi und vShield Endpoint bezeichnet die Kompatibilitäts-Matrix auf der Support Seite von Trendmicro.
Die Update-Sequenz von vSphere 5.5 und DS9 wird in diesem Artikel beschrieben.
Neuerungen
Deep Security 9.0 SP1 Patch 2 provides the following enhancements:
- Windows 8.1 and Windows Server 2012 R2 support
- Deep Security Agent (DSA) now supports SAP integration in SuSE 11 Service Pack 1 with Xen Kernel.
- DSA now supports both x86 and x64 versions of the CloudLinux 5 and 6 operating systems
- Support for Trend Micro SecureCloud integration.
- All widgets in Deep Security Manager (DSM) console now have a redirect link which opens another browser page.
- Resolved issues from previous releases, including fixes for console-related issues. Refer to the corresponding readme files for more details.
Update
Phase 1 – Upgrade VMware Komponenten
- Deactivate the Deep Security Virtual Appliance on the ESXi
- Restore the ESXi (to uninstall the Deep Security Filter Driver)
- Uninstall vShield Endpoint from the ESXi
- Uninstall the vShield Endpoint Guest Drivers from VMs on the ESXi
- Upgrade your vCenter
- Upgrade the ESXi to ESXi 5.0, 5.1, or 5.5 (If you upgraded to ESXi 5.0, apply patch “ESXi 5.0 (build 474610 or later)”)
- Upgrade the vShield Manager
- Configure the vShield Manager to integrate with the vCenter
- Install vShield Endpoint on the ESXi
- Install vShield Endpoint drivers (found in VMware Tools included with ESXi 5.0, 5.1, or 5.5) on the VMs
- Restart the ESXi
Phase 2 – Upgrade DS Komponenten
- Upgrade the Deep Security Manager
- Upgrade your Deep Security Relays
- Add a security certificate to the Deep Security Manager for the vCenter and the vShield Manager
- Import Deep Security 9.0 SP1 p2 installation packages into the Deep Security Manager
- Prepare the ESXi (this installs the Deep Security Filter Driver on the ESXi)
- Reactivate your Deep Security Virtual Appliance in preparation for upgrade
- Upgrade the Deep Security Virtual Appliance on your ESXi
- Activate the guest VMs on the ESXi
- Upgrade Deep Security Notifier (if required)
- Deploy Deep Security Agents (if required)
Links
- DeepSecurity 9.0 SP1 Installation Guide
- Trendmicro Support – Solution ID 1101692 (Download Links)
- Trendmicro – Agent-Windows_9.0_SP1_Patch2 Readme
- Trendmicro – DSVA_9.0_SP1_Patch2 Readme
- Trendmicro – vSphere 5.5 Support Nachricht (Dezember 2013)
- Trendmicro Support – Kompatibilitäts-Matrix