When updating the Deep Security Agent (DSA)/Deep Security Virtual Appliance (DSVA) policy, you get the following error message:
Unable to complete the operation due to the following error on the Agent/Appliance: Update failed - check agent events for cause.
The event logs show the following information:
Agent/Appliance Event(s):
Time: August 29, 2014 15:58:44
Level: Error
Event ID: 3003
Event: Unable To Run External Command
Description: Unable to run the external command '/opt/ds_guest_agent/dsc': (error 12: Cannot allocate memory)
Time: August 29, 2014 15:58:44
Level: Error
Event ID: 2085
Event: Security Configuration Error
Description: Error compiling configuration
Normally, Event ID 3303 and 2085 indicate that there is a rule assigned, which needs a depending additional rule to work. The rule which causes the error is also written in the event logs:
Description: Error compiling configuration:
65: note: adding preset log policy 0
65: note: adding preset log policy 1
65: note: adding preset log policy 2
65: note: adding preset log policy 3
65: note: adding preset log policy 4
65: note: adding preset log policy 5
65: note: adding preset log policy 6
65: note: adding preset log policy 27
17469: error: dynamic port DNS:dport is referenced but not defined (apptype not applied)
1 errors during parsing
To resolve the issue, reset the DSVA security profile and clear recommendations. To do this:
- Go to the Deep Security Manager (DSM) web console.
- Click Computers.
- Right-click the target computer.
- Select Actions > Assign Policy.
- On the Assign Policy box, select None > Ok.
- Manually enable new rules in the security profile and check if the DSVA is able to complete the update successfully.
If issue persists, export a copy of the security profile used that caused the update error and contact contact Trend Micro Technical Support.