Trend Micro continues to offer support for Windows 2000. We wil still help customers if issues arise on this platform. However, given that the said operating system has reached its end of life on July 13, 2010, there is a risk that customers may encounter an issue which cannot be fixed by Trend Micro. At this point, the support team will work with the customer to offer acceptable alternatives.
Below are some items to consider:
- Deep Security will continue to support Windows 2000 with Deep Security Agent 9.6.
- Deep Security Agent 9.6 for Windows 2000 requires TLS 1.2. TLS 1.2 support was introduced to Deep Security Manager 10.0 and therefore requires the use of Deep Security Manager 10.0 or later. For further details, please see this Help Center article: Use TLS 1.2 with Deep Security.
Supported Features
- Firewall
- Intrusion Prevention
- Integrity Monitoring
- Log Inspection
Unsupported Features
- Anti-Malware Feature (AM)
- Application Control (AC)
- Web Reputation Service (WRS)
- Agent Deployment Script
- Location Awareness (Context)
- Interface Isolation
Due to the age of this operating system, there are few manual steps that you must take before you can install Deep Security Agent 9.6 on Windows 2000.
- Install MSI package.
Download and install Windows Installer 3.1 Redistributable (v2). Otherwise, Windows 2000 cannot execute MSI installation.
- Install Deep Security Network Filter Driver.
The default Microsoft root certificate in Windows 2000 Service Pack 4 is too old to recognize the latest Deep Security Agent certificate. This will cause a failure when installing the Network Driver. Updating the Microsoft root certificate is necessary to resolve this. Please follow these steps to update the root certificate before installing the Deep Security Agent:
Get the updated certificate file and execute rootuspd201711.exe.
Optionally, use rootuspd.exe to update the Microsoft root certificate.
- Files: updroots.exe and roots.sst
- Execute: updroots.exe roots.sst
For reference, follow this article: Updating List of Trusted Root Certificates
Deep Security has supported a Windows 2000 agent for some time and as such customers may be in various deployment configurations. Please read the section for the configuration that applies to you.
Deep Security Manager 10.0 or 11.0
If you are running Deep Security Manager version 10.0 or 11.0 and already have the Deep Security Agent 8.0 for Windows 2000 deployed, you can upgrade the agent using the steps provided in the Deep Security Online Help.
Upgrade from Deep Security Manager 9.6 to versions 10.0 or 11.0
If you are using Deep Security Manager 9.6, please note that it will go end of life on August 12, 2019. Deep Security Agent 8.0 for Windows 2000 will continue to be supported for this deployment until August 12, 2019. Trend Micro recommends that you plan to upgrade to the latest version of Deep Security before this date.
- Upgrade Deep Security Manager.
Follow the instructions in Deep Security Online Help to upgrade your Deep Security Manager to the latest version.
- Enable Older Agent Support
- After upgrading Deep Security Manager, go to System Settings > Updates > Relays.
- Tick Allow supported 8.0 and 9.0 Agents to be updated.
- Click Save.
- Upgrade Deep Security Agent.
Once you have upgraded the Deep Security Manager to the latest version, you can upgrade the agent using the steps provided in Deep Security Online Help.
