Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Installing Deep Security using SQL Express

    • Updated:
    • 13 Mar 2020
    • Product/Version:
    • Deep Security 10.0
    • Deep Security 10.1
    • Deep Security 10.2
    • Deep Security 10.3
    • Deep Security 11.0
    • Deep Security 11.1
    • Deep Security 11.2
    • Deep Security 11.3
    • Deep Security 12.0
    • Platform:
    • N/A

Starting from version 10.0, Deep Security is no longer bundled with Derby database for demo or proof of concept (PoC) test wherein Enterprise database is unavailable. As an alternative, we can use an SQL Express instance. However, it needs to be installed and configured outside Deep Security.

Learn how to install and configure SQL Express 2014 to utilize it with Deep Security.

By default, TLS 1.2 is enforced in Deep Security Manager 11.1 and above for new installation. If SQL Express does not support TLS 1.2, the installation may fail. For more information, see this Microsoft article: TLS 1.2 support for Microsoft SQL Server.

To deploy Deep Security with SQL Express, do the following steps:

  1. Download the SQL Express 2014 and SQL Management Studio. Since it will be installed on the same server as Deep Security, download the 64-bit version of SQL Express installers.
  2. Execute the SQLEXPR_x64_ENU setup file.
  3. Choose a temp folder for the extracted files.

    Directory for extracted file

  4. Select the New SQL Server stand-alone installation option.

    New SQL Server stand-alone installation

  5. Tick I accept the license terms check box and click Next.

    License Terms

  6. Check the Use Microsoft Update to check for updates (recommended) option to prevent security vulnerabilities in SQL Express.

    Use Microsoft Update to check for updates (recommended)

  7. Tick the Database Engine Services as the only component to be installed, and then modify the installation path for the customer environment.

    Install Database Engine Services

  8. Specify the instance for SQL Express. It is recommended to create a new one for Deep Security.

    Specify the instance

  9. Set the Startup Type of SQL Browser Service to Automatic.

    Automatic Startup Type

  10. Choose the Mixed Mode radio button and set a password for the system administrator (SA) account. Make sure to select a windows account as the SQL Server Administrator.

    Select Mixed Mode

  11. Click Close to complete the SQL Express 2014 installation, and then exit the installer.

    Close the installer

  1. Execute the SQLManagagementStudio_x64_ENU setup.
  2. Specify a temp folder for the extracted files.

    Specify the temp folder

  3. Choose the New SQL Server stand-alone installation.

    New SQL Server stand-alone installation

  4. Select the Perform a new installation of SQL Server 2014 radio button.

    Perform a new installation of SQL Server 2014

  5. Check the I accept the license terms and click Next.

    License Terms

  6. Tick only the Management Tools - Basic and click Next.

    Select Management Tools - Basic

  7. Click Close to complete the installation, and then exit the SQL Express installer.

    Exit the installer

  1. Open the SQL Configuration Manager.

    SQL Configuration Manager

  2. Expand SQL Server Network Configuration and select protocols for your SQL Express Instance (e.g. Protocols for DEEPSECURITY).

    Select protocols for your instance

  3. Right-click TCP/IP and choose Enable to activate the TCP/IP Connectivity.
  4. Click OK to acknowledge the requirement for the service restart.
  5. Go to SQL Server Service.
  6. Right-click the SQL Server Service for your installed instance and click Restart to enable the TCP/IP configuration.
  7. Close the SQL Configuration Manager.

If the TCP Dynamic Ports is configured, Deep Security Manager may fail to connect to the database, follow the steps below to resolve the issue.

  1. In the MS SQL Server Manager, enable TCP/IP.
  2. Confirm the correct TCP addresses.
  3. Remove any entry in TCP Dynamic Ports field.
  4. Add 1433 to TCP Port field.

    Add 1433 to TCP Port field

  1. Open SQL Management Studio and log in to your instance using the system admin account you created during installation.

    SQL Management Studio

  2. Right-click Databases and select New Database.
  3. Enter the database name and click OK.

    Enter database name

  4. (Optional) You may create an SQL Service Account for Deep Security.
    1. Expand Security and right-click Logins, then select New Login.
    2. Enter the Login Name.
    3. Select SQL Server authentication.
    4. Set a password and confirm the password for the service account.
    5. Untick the Enforce password expiration option. This should also disable the User must change password at next login checkbox.
    6. From the Default Database drop-down, select the database name you created in Step 3.

      Creating SQL Server Account for Deep Security

    7. Click User Mapping and select the database created from the previous steps.
    8. Tick the db_owner role for the database.
  5. Click OK and close the SQL Configuration Manager.
  1. Run the setup file and select a language.

    Select language

  2. On the Welcome page of the Deep Security Manager Setup Wizard, click Next.

    Welcome page for Deep Security Setup Wizard

  3. Accept the license agreement and click Next.

    License Terms

  4. Specify the installation path and click Next.

    Enter installation path

  5. Configure the database server.
    1. Select Microsoft SQL Server.
    2. Type a host name for the SQL Express.
    3. Choose TCP as the transport.
    4. Specify a username and password for the database.

    Set up the database server

  6. Click Advanced and specify the Instance name if you are using a Named Instance of SQL Express.

    Type the Named Instance

  7. Click Start Readiness Check to assess the system where you are installing. The setup wizard will display a warning on using SQL Express database.

    Start Readiness Check

  8. Click Install Deep Security Manager.

    Install Deep Security Manager

  9. Enter the Activation Code and click Next.

    Activation Code

  10. Verify the Manager address and port details, and then click Next.

    Manager address and port details

  11. Provide the Username and Password for the web console, and then click Next.

    Enter the username and password

  12. Make sure the Create Scheduled Task to regularly check for Security Updates checkbox is enabled.

    Create Scheduled Task to regularly check for Security Updates

  13. Confirm to install the relay-enabled agent and click Next.

    Install relay-enabled agents

  14. Make sure the option Enable Trend Micro Smart Feedback is ticked, and then click Next.

    Enable Trend Micro Smart Feedback

  15. Click Install to proceed with the Deep Security Manager installation.

    Install the Deep Security Manager

After the installation, note that the DSM will show a notification stating that the SQL Express database is not supported for production deployments.

SQL Express database is not supported for production deployments

Solution Id:
Did this article help you?

Thank you for your feedback!

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.