Summary
Trend Micro has released new versions of the Trend Micro Deep Security Agent (DSA) to address incompatibilities with C5 and M5 instance types in AWS Elastic Compute Cloud (EC2) running Linux Operating Systems.
The following criteria are required for your deployment to be affected:
- You have one (1) or more AWS Cloud Connectors configured
- You have workloads running a Linux Operating System
- You have deployed C5.* or M5.* instance types
- You are using an affected agent (see details below)
Details
Recently, AWS introduced two new instance classes for EC2. Shortly after the change was introduced, Trend Micro began to receive customer inquiries and incident reports that showed new EC2 instances launched on the new instance types were not being properly protected by Trend Micro Deep Security agents.
Computers that failed to be correctly identified will activate outside of an AWS cloud connector, will not be assigned EC2 metadata, and may not be assigned the expected security policy. In these cases, assigning security policy or relay groups based on EC2 metadata - using Event Based Tasks (EBT's) for example - will be incorrect. In addition, consumption-based billing for large instances will be incorrect. Large instances that are not correctly identified will be incorrectly charged at $0.06 host / hour rather than the correct value of $0.03 host / hour.
Trend Micro has identified the root cause and is releasing new versions of the DSA, starting with Deep Security 10.0 Software Update 8 (U8), that will resolve this incompatibility.
Existing EC2 instance types that have Deep Security agents already installed or newly deployed are unaffected.
Updated Deep Security Agents
Trend Micro has released the following updated Deep Security Agents to address the issue:
Product | Updated version | Notes | Platform | Availability |
---|---|---|---|---|
Deep Security Agent | Version 9.6 Service Pack 1 Patch 1 Update 16 (U16) | Readme | Linux | Available Now |
Version 10.0 Software Update 8 (U8) | Readme | Linux | Available Now | |
Version 10.3 Critical Patch 3 (Feature Release) | Readme | Linux | Available Now |