Changing the protocol type for Deep Security Manager (DSM) console

- Updated:
- 30 Dec 2019
- Product/Version:
- Deep Security 9.6
- Platform:
- Amazon AMI 32-bit
- Amazon AMI 64-bit
- Android 2.0, 2.1 Eclair
- Android 2.1+
- Android 2.2 Froyo
- Android 2.3 Gingerbread
- Android 3.x Honeycomb
- Android 4.0 Ice Cream Sandwich
- Android 4.1 Jellybean
- Android 4.2 Jellybean
- Android 4.3 Jellybean
- Android 4.4 KitKat
- Android 5.0 Lollipop
- Android 5.1 Lollipop
- Android 6.0 Marshmallow
- Android All
- Android すべて
- Appliance DELL R210II
- Appliance DELL R410
- Appliance DELL R710
- Appliance DELL R720
- Appliance すべて
- AS400 すべて
- Bare Metal N/A
- Blackberry 5.x
- Blackberry すべて
- CentOS 5.4 32-bit
- CentOS 5.4 64-bit
- CentOS 5.5 32-bit
- CentOS 5.5 64-bit
- CentOS 5.6 32-bit
- CentOS 5.6 64-bit
- CentOS 5.7 32-bit
- CentOS 5.7 64-bit
- CentOS 5.8 32-bit
- CentOS 5.8 64-bit
- CentOS 6 32-bit
- CentOS 6 64-bit
- CentOS 6.1 32-bit
- CentOS 6.1 64-bit
- CentOS 6.2 32-bit
- CentOS 6.2 64-bit
- Citrix XenServer 5.5
- Citrix XenServer 6.0
- EMC すべて
- HPUX 11.x
- IBM AIX
- IBM AIX 5.3
- IBM AIX 6.1
- IBM OS/400/i5OS V5R4
- IBM OS/400/i5OS V6R1
- IBM OS/400/i5OS V7R1
- IBM zLinux RHEL 5 64-bit
- IBM zLinux SLES 10
- IBM zLinux SLES 11
- iOS 3.0+
- iOS 4.0+
- iOS 5.0+
- iOS 6.0+
- iOS 7.0+
- iOS 7.1+
- iOS 8.0+
- iOS 8.1
- iOS 8.2
- iOS 8.3
- iOS 8.4
- iOS 9.0
- iOS 9.1
- iOS 9.2
- iOS All
- iOS すべて
- Linux すべて
- Linux - Red Hat RHEL 4 32-bit
- Linux - Red Hat RHEL 4 64-bit
- Linux - Red Hat RHEL 5 32-bit
- Linux - Red Hat RHEL 5 64-bit
- Linux - Red Hat RHEL 6 32-bit
- Linux - Red Hat RHEL 6 64-bit
- Linux - SuSE 10
- Linux - SuSE 10 64-bit
- Linux - SuSE 11
- Linux - SuSE 11 64-bit
- Linux - Turbolinux Server 10
- Linux - Turbolinux Server 8
- Lync Server 2010
- Lync Server 2013
- Macintosh El Capitan
- Macintosh iOS 3.x
- Macintosh iOS 4.x
- Macintosh iOS 5.x
- Macintosh Leopard
- Macintosh Lion
- Macintosh Mavericks
- Macintosh Mountain Lion
- Macintosh Snow Leopard
- Macintosh Tiger
- Macintosh Yosemite
- MacOS すべて
- N/A N/A
- NetApp すべて
- Netware version 5.1
- Netware version 6.0
- Netware version 6.5
- Oracle Linux 5 32-bit
- Oracle Linux 5 64-bit
- Oracle Linux 6 32-bit
- Oracle Linux 6 64-bit
- Oracle Solaris 11 SPARC
- Oracle Solaris 11 x86
- SaaS すべて
- Solaris すべて
- Sony PS3
- Sony PS4
- Sony PSP
- Symbian ^3
- Symbian S60
- Symbian S60 3rd Edition
- Symbian S60 5th Edition
- Ubuntu 10.04 64-bit
- Ubuntu 12.04 64-bit
- UNIX すべて
- Unix - Solaris (Sun) version 10 (SunOS 5.10)
- Unix - Solaris (Sun) version 9 (SunOS 5.9)
- Virtual Appliance 4.1
- Virtual Appliance 5.1
- Virtual Appliance すべて
- VMware ESX 4.0
- VMware ESX 4.1
- VMware ESX 5.0
- VMware ESXi 4.0
- VMware ESXi 4.1
- VMware ESXi 5.0
- VMware ESXi 5.1
- VMware ESXi 5.5
- VMware vCenter 5.0
- VMware vCenter 5.5
- VMware vSphere 5.1
- VMware vSphere 5.5
- Windows 2003 Enterprise
- Windows 2003 Enterprise 64-bit
- Windows 2003 Server R2
- Windows 2003 Small Business Server
- Windows 2003 Small Business Server R2
- Windows 2003 Standard
- Windows 2003 Standard 64-bit
- Windows 2008 Datacenter 64-bit
- Windows 2008 Enterprise
- Windows 2008 Enterprise 64-bit
- Windows 2008 Essential Business Server
- Windows 2008 Server Core
- Windows 2008 Server Foundation
- Windows 2008 Server R2
- Windows 2008 Server R2 Datacenter
- Windows 2008 Server R2 Enterprise
- Windows 2008 Server R2 with Hyper-V(TM)
- Windows 2008 Small Business Server
- Windows 2008 Standard
- Windows 2008 Standard 64-bit
- Windows 2012 Datacenter R2
- Windows 2012 Enterprise
- Windows 2012 Server Essential R2
- Windows 2012 Server Foundation R2
- Windows 2012 Standard R2
- Windows 7 32-bit
- Windows 7 64-bit
- Windows 8 32-bit
- Windows 8 64-bit
- Windows 8.1 32-bit
- Windows 8.1 64-bit
- Windows Vista 32-bit
- Windows Vista 64-bit
- Windows XP Professional
- Windows XP Professional 64-bit
- Windows XP SP2 32-bit
- Windows XP SP3 32-bit
- Windows Mobile すべて
- Windows Phone 8.0
- Windows Phone 8.1

Summary

By default, the Deep Security Manager console uses the following protocols to communicate with port 4199:

TSLv1
TLSv1.1
TLSv1.2
SSLv2Hello

With Deep Security Manager 9.6 Patch 1 and later versions, you can select the protocol type for DSM console. It enhances the Deep Security Manager's capability to use only a specific protocol, if required.

Details

To change the protocol type:

Modifying the protocol type for Deep Security Manager's web console port 4119 affects operations like accessing the web GUI from a browser, preparing an ESXi server for Filter Driver, deploying agents using deployment scripts, and deploying the Deep Security Virtual Appliance in an NSX environment.

Stop the Deep Security Manager Service.
Open the configuration.properties file under C:\ProgramFiles\TrendMicro\DeepSecurityManager.
Add the following entry at the end of file and save it:
protocols=TLSv1.2

You can define more than one protocol by separating them with commas. For example, protocols=TLSv1,TLSv1.1,TLSv1.2
Start the Deep Security Manager Service.
Use the OpenSSL s_client command below to verify the protocol on the Deep Security Manager's web console port 4119:
OpenSSL> s_client -connect Deep_Security_Manager_IP_Address:4119

The SSL-Session section should show the protocol you defined in the configuration.properties file.