Recently, AWS introduced two new instance classes for EC2. Shortly after the change was introduced, Trend Micro began to receive customer inquiries and incident reports that showed new EC2 instances launched on the new instance types were not being properly protected by Trend Micro Deep Security agents.
Computers that failed to be correctly identified will activate outside of an AWS cloud connector, will not be assigned EC2 metadata, and may not be assigned the expected security policy. In these cases, assigning security policy or relay groups based on EC2 metadata - using Event Based Tasks (EBT's) for example - will be incorrect. In addition, consumption-based billing for large instances will be incorrect. Large instances that are not correctly identified will be incorrectly charged at $0.06 host / hour rather than the correct value of $0.03 host / hour.
Trend Micro has identified the root cause and is releasing new versions of the DSA, starting with Deep Security 10.0 Software Update 8 (U8), that will resolve this incompatibility.
Existing EC2 instance types that have Deep Security agents already installed or newly deployed are unaffected.
Updated Deep Security Agents
Trend Micro has released the following updated Deep Security Agents to address the issue:
|Deep Security Agent||Version 9.6 Software Update 16 (U16)||Readme||Linux||March 2018|
|Version 10.0 Software Update 8 (U8)||Readme||Linux||Available Now|
|Version 10.3 Critical Patch 1 (Feature Release)||Readme||Linux||March 2018|