Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Deep Security Windows 2000 Platform Support Update (Q3 2019)

    • Updated:
    • 27 Aug 2021
    • Product/Version:
    • Deep Security 10.0
    • Deep Security 11.0
    • Deep Security 12.0
    • Platform:
    • Windows 2000

Trend Micro continues to offer support for Windows 2000. We wil still help customers if issues arise on this platform. However, given that the said operating system has reached its end of life on July 13, 2010, there is a risk that customers may encounter an issue which cannot be fixed by Trend Micro. At this point, the support team will work with the customer to offer acceptable alternatives.

Below are some items to consider:

  • Deep Security will continue to support Windows 2000 with Deep Security Agent 9.6.
  • Deep Security Agent 9.6 for Windows 2000 requires TLS 1.2. TLS 1.2 support was introduced to Deep Security Manager 10.0 and therefore requires the use of Deep Security Manager 10.0 or later. For further details, please see this Help Center article: Use TLS 1.2 with Deep Security.

Supported Features

  • Firewall
  • Intrusion Prevention
  • Integrity Monitoring
  • Log Inspection

Unsupported Features

  • Anti-Malware Feature (AM)
  • Application Control (AC)
  • Web Reputation Service (WRS)
  • Agent Deployment Script
  • Location Awareness (Context)
  • Interface Isolation

Due to the age of this operating system, there are few manual steps that you must take before you can install Deep Security Agent 9.6 on Windows 2000.

  1. Install MSI package.

    Go to the Microsoft Catalog KB893803 and download and install Microsoft Windows Installer 3.1 . Otherwise, Windows 2000 cannot execute MSI installation.

  2. Install Deep Security Network Filter Driver.

    The default Microsoft root certificate in Windows 2000 Service Pack 4 is too old to recognize the latest Deep Security Agent certificate. This will cause a failure when installing the Network Driver. Updating the Microsoft root certificate is necessary to resolve this. Please follow these steps to update the root certificate before installing the Deep Security Agent:

    Get the updated certificate file and execute rootuspd201711.exe.

    Optionally, use rootuspd.exe to update the Microsoft root certificate.

    For reference, follow this article: Updating List of Trusted Root Certificates

Deep Security has supported a Windows 2000 agent for some time and as such customers may be in various deployment configurations. Please read the section for the configuration that applies to you.

Deep Security Manager 10.0 or 11.0

If you are running Deep Security Manager version 10.0 or 11.0 and already have the Deep Security Agent 8.0 for Windows 2000 deployed, you can upgrade the agent using the steps provided in the Deep Security Online Help.

Upgrade from Deep Security Manager 9.6 to versions 10.0 or 11.0

If you are using Deep Security Manager 9.6, please note that it will go end of life on August 12, 2019. Deep Security Agent 8.0 for Windows 2000 will continue to be supported for this deployment until August 12, 2019. Trend Micro recommends that you plan to upgrade to the latest version of Deep Security before this date.

Due to the introduction of TLS 1.2 support in Deep Security Agent 9.6 for Windows 2000, the agent will not work with Deep Security Manager 9.6.
  1. Upgrade Deep Security Manager.

    Follow the instructions in Deep Security Online Help to upgrade your Deep Security Manager to the latest version.

  2. Enable Older Agent Support
    1. After upgrading Deep Security Manager, go to System Settings > Updates > Relays.
    2. Tick Allow supported 8.0 and 9.0 Agents to be updated.
    3. Click Save.
  3. Upgrade Deep Security Agent.

    Once you have upgraded the Deep Security Manager to the latest version, you can upgrade the agent using the steps provided in Deep Security Online Help.

If you have trouble installing the Deep Security Agent and see the following error messages in the msi logs:

MSI (c) (C0:D8) [12:44:57:750]: Doing action: _CheckEyesRebootRequired
Action 12:44:57: _CheckEyesRebootRequired.
Action start 12:44:57: _CheckEyesRebootRequired.
MSI (c) (C0:50) [12:44:57:765]: Invoking remote custom action. DLL: C:\Temp\3\MSI5.tmp, Entrypoint: CheckEyesRebootRequired
MSI (c) (C0:04) [12:44:57:765]: Cloaking enabled.
MSI (c) (C0:04) [12:44:57:765]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (C0:04) [12:44:57:781]: Connected to service for CA interface.
Action ended 12:44:57: _CheckEyesRebootRequired. Return value 3.
MSI (c) (C0:D8) [12:44:57:984]: Doing action: FatalError
Action 12:44:58: FatalError.
Action start 12:44:58: FatalError.
Action 12:44:58: FatalError. Dialog created
MSI (c) (C0:44) [12:44:58:078]: Note: 1: 2731 2: 0
Action ended 12:44:59: FatalError. Return value 2.
Action ended 12:44:59: INSTALL. Return value 3.

Please uninstall any other Anti-Malware software and then install the Deep Security Agent again.

Solution Id:
Did this article help you?

Thank you for your feedback!

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.