Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

"There are one or more Application Type conflicts on this Computer..." appears in DPI Events when updating the Deep Security Agent (DSA)

    • Updated:
    • 12 Oct 2016
    • Product/Version:
    • Deep Security 9.0
    • Deep Security 9.5
    • Deep Security 9.6
    • Platform:
    • Linux - SuSE 10
    • Linux - SuSE 11
    • Unix - Solaris (Sun) version 10 (SunOS 5.10)
    • Unix - Solaris (Sun) version 9 (SunOS 5.9)
    • Windows 2003 Enterprise
    • Windows 2003 Standard
    • Windows 2008 Enterprise
    • Windows 2008 Standard
Summary
The following error message appears in the DPI Events tab on the Deep Security Manager (DSM) console when updating the DSAs:
There are one or more Application Type conflicts on this Computer. One or more DPI Rules associated with one Application Type are dependent on one or more DPI Rules associated with another Application Type. The conflict exists because the two Application Types use different Ports.
These are the conflicting Application Types:
[A] "Web Application Tomcat"
Ports: [80,8080,4119]
[B] "Web Server Common"
Ports: [80,631,8080,7001,7777,7778,7779,7200,7501,8007,
8004,4000,32000,5357,5358,9000]
[A] "Web Server Miscellaneous"
Ports: [80,4000,7100,7101,7510,8043,8080,8081,8088,8300,8500,
8800,9000,9060,19300,32000,3612,10001,8093,8094]
[B] "Web Server Common"
Ports: [80,631,8080,7001,7777,7778,7779,7200,7501,8007,
8004,4000,32000,5357,5358,9000]”
Details
Public
To resolve the conflict, edit the ports used by Application Type(s) B so that they include the ports used by Application Type(s) A.
The two application types (Web Application Tomcat and Web Server Miscellaneous) are both dependent on the application type Web Server Common. This is why the ports listed in the first two application types should also appear in the Web Server Common ports.
If you consolidate the ports for these three application types, the result is:
80,631,3612,4000,4119,5357,5358,7001,7100,7101,7200,7501,7510,7777,7778,7779,
8004,8007,8043,8080,8081,8088,8093,8094,8300,8500,8800,9000,9060,10001,19300,32000
After adding this to the Web Server Common port list, you will see this message in the Events tab:
“The Application Type Port List Misconfiguration has been resolved.”
To consolidate the ports and resolve this issue:
  1. Log on to the Deep Security console.
  2. Go to Policies > Rules > IPS.
  3. Type “Web Server Common” in the search box on the right pane and press ENTER.
  4. Double-click the Web Server Common application type.
  5. Navigate to General Details > Application type > Edit > Web server common.
  6. Under the General tab > Connection Ports, replace all the ports with this consolidated entry:
    80,631,3612,4000,4119,5357,5358,7001,7100,7101,7200,
    7501,7510,7777,7778,7779,8004,8007,8043,8080,8081,8088,8093,
    8094,8300,8500,8800,9000,9060,10001,19300,32000
  7. Click Apply > Save.
It is also recommended for the Administrators to disable the inherit option for DPI for a security profile. Any change you make to the application type will only affect this particular security profile.
  1. Log on to the Deep Security console.
  2. Go to Security Profiles on the left panel of the console.
  3. Select a security profile that you prefer to edit on the right pane.
  4. Go to the DPI section on the left pane of the Profile window.
  5. Disable or deselect the Inherit option on the right pane.
  6. Click Save.
You also need to check IPS rule 1000128:
  1. Right-click Application Type Properties.
  2. Unselect Inherit.
  3. Check the current inherited port list contain port 4119 or not. If not, add this port to the web server common port group.
  4. Click Inherit  again.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1060278
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.