Symptoms

The issue occurs in the following environment:

  • Deep Security Manager version: 11.0.221 (11.0 GM)
  • Deep Security Agent version: 11.0.0.615 x64 (11.0 U7)
  • Deep Security Relay version: 11.0.0.615 x64 (11.0 U7)

Below is a sample scenario:

  1. The Deep Security Agent (DSA) is running on a 64-bit Windows server (Windows Server 2016).
  2. Right after the DSA is activated, the Security Update status shows "Unknown" for one to two minutes.

    Security Update Status Unknown

  3. The component "c2t1207960067I-1P5889r1-o-1" under the Other section causes the Out-of-Date status.

    Component c2t1207960067I-1P5889r1-o-1

  4. After you perform the Security Update, the system event shows "Pattern Update on Agents/Appliances Successful", which is not accurate.

    Pattern Update on Agents/Appliances Successful

  5. Rebooting, uninstalling, and re-activating the DSA does not resolve the issue.

Solution

The issue only occurs when the DSM version is lower than 11.0 U2 and the DSA version is higher than 11.0 U2. If both the DSM and DSA versions are lower than 11.0 U2, the issue does not occur. If the DSM version is equal to or higher than 11.0 U2 and the DSA version is lower than 11.0 U2, the issue does not occur either.

Starting from Deep Security 11.0 U2, the following enhancement is included in the release:

Anti-Malware Scan Engine can be displayed and has the option to enable or disable an Anti-Malware update.

To resolve the issue, upgrade Deep Security Manager to version 11.0.249 (U2) or higher.

Upgrade Deep Security Manager to version 11.0 U2

After the upgrade, the DSA's Security Update status will be "Up-to-Date", as shown below.

Security Update Up-to-Date