Important Information before Upgrading to Deep Security 8.0
Here are the important details that you must take note of before upgrading your existing Deep Security Manager (DSM) environment to version 8.0:
- The Deep Security Manager must always be upgraded first before upgrading any other Deep Security component.
- The Deep Security Manager can always manage one (1) major version back.
- DSM 8.0 can manager Deep Security Agent/Deep Security Virtual Appliance (DSVA) 7.0, 7.5, 8.0)
- vShield/VMsafe integration needs to be considered
- Deep Security 8.0 does not support vShield Manager 4
- Deep Security 7.5 does not support vShield Manager 5
- For large database, schema modification can take significant amount of time (8+ hours).
- Applications leveraging Web Services API may need to be updated to support new WSDL.
Important Things to Consider when Upgrading to Deep Security 8.0
- Back up the Deep Security database before starting the upgrade process.
- If you are using Deep Security 7.0/7.5 32-bit program version, the installer to upgrade to version 8.0 must also be using 32-bit program.
- When the first Deep Security Manager server node is upgraded, all other nodes within the group will have the main service (Deep Security Manager.exe) turned off. You cannot run multi-version of Deep Security Managers at the same time.
- During the upgrade process, the database schema may take hours to upgrade, depending on the size of the database. It is normal for the database schema to take 1-2 hours for it to be completely upgraded.
- After completing the upgrade, the Deep Security Agent program version will remain the same. They will not be automatically upgraded by the server.
- Deep Security Manager 8.0 can continue to manage Deep Security Agents 7.0/7.5.
You may upgrade Deep Security Manager 6.1, 7.0, or 7.5 to version 8.0. For other versions of DSM, please contact Trend Micro Technical Support for the proper upgrade steps. The Deep Security Agents can be upgraded directly to the latest version via the Deep Security Manager web console. The Agent software upgrade task has to be initiated manually by the administrator.
Note: When you perform the upgrade and select new installation, the existing security profile applied on the Deep Security Agents remains the same. For DSM to communicate with the agents again, you need to deactivate and reactivate the agents. This process allows the agents to receive the new certificate file created by the new installation.