Summary
Due to a side effect caused by a fix in Deep Security Manager (DSM) 11.0 Update 1, the Deep Security Manager was unable to recognize the heartbeat from an agentless protected agent (VA) or Deep Security Virtual Appliance (DSVA) itself. This caused Deep Security Manager to misuse VA's heartbeat to ask DSVA for re-activation, which led DSVA to keep re-activating until it lost the connection. The said issue frequently occurs during vMotion.
Deep Security Manager will automatically create a new Deep Security Agent (DSA) machine using the DSVA's IP address. When you try to activate the guest VM, it will fail and show the error "Activation Failed (Duplicate Computer)".
The issue has been resolved in Deep Security 11.0 Update 7. The release has fixed the bug wherein Deep Security Notifier displays "Unknown/Unreachable" for agent status, although the agent was actually online and managed.
If the version of your Deep Security is affected, disabling the Agent-Initiatted Activation: Reactivate Unknown Agents option can resolve this issue.
- On the Deep Security web console, go to Administration > System Settings.
- Under Agents tab, disable Reactivate unknown Agents tickbox.
