Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Deep Security and VMware compatibility matrix

    • Updated:
    • 15 Dec 2017
    • Product/Version:
    • Deep Security 10.0
    • Deep Security 10.1
    • Deep Security 10.2
    • Deep Security 9.0
    • Deep Security 9.5
    • Deep Security 9.6
    • Platform:
    • VMware ESX 5.0
    • VMware ESXi 5.0
    • VMware ESXi 5.1
    • VMware ESXi 5.5
Summary

This compatibility matrix covers deployment options when the Deep Security Virtual Appliance (DSVA) is used to integrate with and protect VMware environments.

For each Deep Security release, the Deep Security version indicates the version of Deep Security Manager (DSM) being used. Each DSM version may support its current version as well as the older versions of DSVA.

Hypervisor-based Anti-malware and System Security (Integrity Monitoring) are enabled using VMware tools on Windows platforms. For the supported Windows platform, check the VMware article: Guest operating systems that are supported for vShield Endpoint Thin Agent (1036847).

Hypervisor-based protection using Anti-malware and System Security (Integrity Monitoring) are currently unavailable for Linux platforms.

Hypervisor-based Network Security (Intrusion prevention, Firewall, and Web Reputation) is available to protect both Windows and Linux platforms using NSX and vCNS.

Deep Security Agents (DSA) are also available to protect a wide variety of guest virtual machines. For more information, refer to the following documents:

For further information on VMware product compatibility, check the VMware product interoperability matrix.

Details
Public

Select your product version to view the compatibility matrix with VMware:

 VMware vSphere Hypervisor (ESXi)
NSX6.5
U1
6.5
 
6.0
U3
6.0
U2
6.0
U1
6.0
 
5.5
U3
5.5
U2
5.5
U1
5.5
 
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.8-
6.2.7-
6.2.6-
6.2.5-
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0

Below are some notes to consider:

  • NSX 6.3.0 and above are FIPS mode supported.
  • For sites running VMware vSphere 6.5, vSphere update 6.5a is the minimum supported version with NSX for vSphere 6.3.0 (2148841).
 VMware vSphere Hypervisor (ESXi)
NSX6.5
U1
6.5
 
6.0
U3
6.0
U2
6.0
U1
6.0
 
5.5
U3
5.5
U2
6.3.5----
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.9--
6.2.8-
6.2.7-
6.2.6-
6.2.5-

Below are some notes to consider:

  • NSX 6.3.0 and above are FIPS mode supported.
  • For sites running VMware vSphere 6.5, vSphere update 6.5a is the minimum supported version with NSX for vSphere 6.3.0 (2148841).
 VMware vSphere Hypervisor (ESXi)
NSX6.5
U1
6.5a
 
6.0
U3
6.0
U2
6.0
U1b
6.0
U1a
6.0
U1
6.0
 
5.5
U3b
5.5
U3a
5.5
U3
5.5
U2
5.5
U1
5.5
 
6.3.5
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.9--
6.2.8-
6.2.7-
6.2.6-
6.2.5-

Below are some notes to consider:

  • NSX 6.3.0 and above are FIPS mode supported.
  • For sites running VMware vSphere 6.5, vSphere update 6.5a is the minimum supported version with NSX for vSphere 6.3.0 (2148841).
 
Deep Security 9.6 is not supported with vSphere 5.1 and 5.0.

Deep Security integrates with the VMware vCNS or VMware NSX in the protection configurations described below:

VMware vCloud Networking & Security (vCNS)

 VMware vSphere Hypervisor (ESXi)
vCNS6.0
U3
6.0
U2
6.0
U1b
6.0
U1a
6.0
U1
6.0
 
5.5
U3b
5.5
U3a
5.5
U3
5.5
U2
5.5
U1
5.5
 
5.5.4.3
5.5.4.2
5.5.4.1
5.5.4.0
5.5.3.1
5.5.3.0
5.5.2.1
5.5.2.0
5.5.1.0
5.5A
5.5

Below are some notes to consider:

  • It supports hypervisor-based Anti-Malware and System Security (Integrity Monitoring) using Deep Security Virtual Appliance 9.6.
  • It supports hypervisor-based Anti-Malware, System Security (Integrity Monitoring), and Network Security using the Deep Security Virtual Appliance 9.5 SP1.
  • Combined mode is a mode where Deep Security Virtual Appliance and Deep Security Agent are used together to offer full protection of a system. When using Combined mode, Deep Security Virtual Appliance will be used for Anti-Malware scanning and Integrity Monitoring scanning. The Deep Security agent will be used for Intrusion Prevention, Firewall, Web Reputation, and Log Inspection.

VMware NSX

 VMware vSphere Hypervisor (ESXi)
NSX6.5
U1
6.5
 
6.0
U3
6.0
U2
6.0
U1b
6.0
U1a
6.0
U1
6.0
 
5.5
U3b
5.5
U3a
5.5
U3
5.5
U2
5.5
U1
5.5
 
6.3.5
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.9--
6.2.8-
6.2.7-
6.2.6
6.2.5
6.2.4
6.2.3a
6.2.3
6.2.2
6.2.1
6.2.0

Below are some notes to consider:

  • It supports hypervisor-based Anti-Malware, System Security (Integrity Monitoring) and Network Security using the Deep Security Virtual Appliance 9.6.
  • Before proceeding with NSX, refer to this VMWare article: Determining if vShield or vCloud Networking & Security is installed prior to deploying NSX (2150493).
  • No limitation or known issues if NSX 6.2.3, NSX 6.2.3a, or NSX 6.2.4 is activated by NSX Standard, Advanced, or Enterprise license key.
  • In order to support Windows 10 VM or Windows 10 RedStone VM, Deep Security Virtual Appliance 9.6 is required to be upgraded to B7314 and VMware Tools 10.0.9 is required too.
  • If activated by NSX for vShield Endpoint license key, refer to this article: Compatibility between VMware NSX 6.2.3 and NSX 6.2.4 with Deep Security.
  • For NSX 6.2.4 and above, the Deep Security Agent version must be equal or higher than Build 7524 (Deep Security 9.6 SP1 Update 3).
  • NSX 6.3.0 and above are FIPS mode supported for Deep Security 9.6 U4.
  • For sites running VMware vSphere 6.5, vSphere update 6.5a is the minimum supported version with NSX for vSphere 6.3.0 (2148841). This is applicable for Deep Security 9.6 U4 and above.
 VMware vSphere Hypervisor (ESXi)
vCNS5.5
U3b
5.5
U3a
5.5
U3
5.5
U2
5.5
U1
5.5
 
5.1
U3
5.1
U2
5.1
U1
5.1
 
5.0
U3
5.0
U2
5.0
U1
5.0
 
5.5.4.3
5.5.4.2
5.5.4.1
5.5.4.0
5.5.3.1
5.5.3.0
5.5.2.1
5.5.2.0
5.5.1.0
5.5a
5.5
5.1.4.3
5.1.4.1
5.1.4.0
5.1.3.0
5.1.2a
5.1.2
5.1.1
5.1.0
5.0.2
5.0.1
5.0
1.x

Below are some notes to consider:

  • Deep Security integrates with the VMware vCNS in the protection configuration. It supports hypervisor-based Anti-Malware, System Security (Integrity Monitoring), and Network Security using the Deep Security Virtual Appliance 9.5 SP1.
  • Deep Security 9.5 is not supported for VMware NSX.
 VMware vSphere Hypervisor (ESXi)
vCNS5.5
U3b
5.5
U3a
5.5
U3
5.5
U2
5.5
U1
5.5
 
5.1
U3
5.1
U2
5.1
U1
5.1
 
5.0
U3
5.0
U2
5.0
U1
5.0
 
5.5.4.3
5.5.4.2
5.5.4.1
5.5.4.0
5.5.3.1
5.5.3.0
5.5.2.1
5.5.2.0
5.5.1
5.5a
5.5
5.1.4.3
5.1.4.1
5.1.4.0
5.1.3.0
5.1.2a
5.1.2
5.1.1
5.1.0
5.0.2
5.0.1
5.0.✔*
1.x

Below are some notes to consider:

Premium
Internal
Rating:
Category:
Configure
Solution Id:
1060499
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.