User can delete a Trend Micro Deep Security service deployment under vCenter WebClient > Networking & Security > Installation > Service Deployment. When you delete this service deployment and then add a new Trend Micro Deep Security service deployment, the Firewall (FW) or Deep Packet Inspection (DPI) may become offline.
When you use SSH into ESXi and execute command "summarize-dvfilter" on the protected guest virtual machine (VM), you will notice that there is no filter and an agent is attached to the guest virtual machine as shown below:
This is not a Trend Micro product issue. According to VMware Developer Center Partner Network (DCPN), it is not recommended to remove only the service deployment and then redeploy it. User must complete all the steps to remove a third-party vendor service. For more information, refer to this article: Remove 3rd-Party Integration.
As a workaround, do the appropriate procedure depending on your NSX version:
- For NSX 6.3.3 and above, turn off and then turn on the guest virtual machine to resume the Firewall or Deep Packet Inspection agentless protection.
- For NSX 6.3.2 and below, try to turn off and then turn on the guest virtual machine. If the issue persists, reboot the ESXi.