To manually update the Deep Security Relay:
- Generate an update bundle by running a command from the installation path of the source Deep Security Relay host.
For example, if the installation path is C:\Program Files\Trend Micro\Deep Security Agent, run the following command:dsa_control.cmd –b
For Linux, run /opt/ds_agent/dsa_control -b
- Check the created update bundle in ZIP format located under the C:\ProgramData\Trend Micro\Deep Security Agent\relay folder. The bundle should contain the copies of update files. Its filename appears similar to "dsupdate_xxxxxxxxxx.zip".
- Copy the "dsupdate_xxxxxxxxxx.zip" file to the corresponding base folder of the target DSR (usually air-gapped Relay):
- Windows: C:\Program Files\Trend Micro\Deep Security Agent
- Linux: /opt/ds_agent
- Apply the security update by doing any of the following:
- Run any of the following commands:
- dsa_control -m "UpdateComponent:true"
dsa_control -U - restart ds_agent service
- dsa_control -m "UpdateComponent:true"
- Initiate an update on the Deep Security Manager console, by clicking Download Security Updates from the specific Deep Security Relay that you have copied the bundle update.
- Run any of the following commands:
For further issues regarding Deep Security Relay Agent, get the following files under ...\Program Files\Trend Micro\Deep Security Agent\lib\iaulogs and send them to Trend Micro Technical Support:
- iau.log - This file contains information about the module that processes the update.
- TmuDump.txt - This file contains the details about the connection attempts with the update server.
When using offline bundles in an air-gapped environment, the folder C:\ProgramData\Trend Micro\Deep Security Agent\relay\bundle\tmp\ includes bundles that will be created in Deep Security Relay Server. By our current design, it will not be automatically deleted, but you can manually delete unnecessary files under the said folder.