There is a Combined Mode feature in Deep Security 9.6 that allows the Deep Security Virtual Appliance (DSVA) and Deep Security Agent (DSA) to work together in providing security.
In Combined Mode, the features are distributed such that some protection is supplied by DSA and other protection is given by DSVA. There is no concept of redundancy or standby, so if either of these agents fails, then the corresponding protection/feature is lost.
So if the VM is protected by both DSVA and DSA in Combined Mode, the user is unable to deactivate DSVA protection from the Deep Security Manager (DSM) User Interface (UI) console.
This article provides a workaround to disable DSVA protection, but keep DSA working for the VM.
To enable the workaround:
- Deactivate the VM, which is protected by both DSVA and DSA.
- Manually add the VM from the DSM console via Internet Protocol (IP) or a fully qualified domain name (FQDN).
- Go to Computers.
- Click the New button.
- Type the hostname.
- Open the newly-added VM and activate it.
- Keep the VM, which is synced from vCenter deactivated.
The VM should now be working with agent protection only.