- Disable the agent self-protection feature. To do this:
- Log in to the DSM console.
- Go to Computers and click the machine details, then click Settings > System Settings > Computer.
- Under Agent Self Protection, do either of the following:
If the Deep Security Agent (DSA) is not connected or is configured with agent-initiated communication, reset the DSA to the reset the agent configuration, including the agent self-protection feature. To do this, run the following on the command line:C:\Program Files\Trend Micro\Deep Security Agent> dsa_control /r
- Set a password for local override.
- Untick the option Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent, or set it to No.
- Stop the Trend Micro Deep Security Relay service.
- Download the latest version of nginx.exe from nginx.
- Extract the file to a temporary folder.
- Back up then replace C:\Program Files\Trend Micro\Deep Security Relay\nginx.exe with the updated version.
- Start the Trend Micro Deep Security Relay service.
- Set error_log to debug mode:
- Go to C:\Program Files\Trend Micro\Deep Security Relay\relay.
- Open the nginx.conf file.
- Look for “error_log” and set the line to:
error_log "C:/Program Files/Trend Micro/Deep Security Relay/relay/logs/error.log debug";
- Save the changes.
- Generate a diagnostic package for the DSR. Follow the procedure in getting a DSM diagnostic package in this KB article: Creating Deep Security 9.0 diagnostic package.
- Submit the files to Trend Micro Technical Support.