To fix the issue:
- Check if there is an available relay.
The Deep Security Relay (DSR) is an agent capable of distributing the software and security updates to other agents. Relay Groups can be checked under Administration > Updates > Relay Management. To know more about relays, refer to the article Distribute security and software updates with relays.
- Check the Deep Security Agent version.
- On the Deep Security Manager (DSM) console, go to Computers tab.
- Double-click the editor.
- Navigate to Overview > Actions > Agent Software.
If you cannot access the DSM console, verify the build you are using on the Linux machine itself.
- For CentOS, RedHat, SuSE and Amazon Linux machines, run either of the following commands:
#rpm -q ds_agent
- For Ubuntu/Debian, run the command below:
#dpkg -s ds-agent | grep version
Once you have the agent version, check if it is the latest by going to the Deep Security Download Center. It is recommended to always use the latest build. If an upgrade is necessary, please refer to article on how to Update the Security Agent.
- Verify the Linux kernel version.
The Linux kernel version running on the machine must be supported by the Deep Security Agent. Trend Micro monitors new kernel version and releases an update for it to be fully supported. To verify if a kernel version is compatible, see Deep Security Agent Linux kernel support.
If your kernel version is not yet supported, please contact Trend Micro Technical Support.
- If the Deep Security Relay is working, kernel version is supported, and the correct DSA version is installed but the issue still persists, make sure that the corresponding agent installer and kernel support package are imported into Deep Security Manager (DSM). They should be listed under Administration > Updates > Software > Local.
For example, as of this writing, the latest build available for RHEL 6 64-bit is Deep Security Agent 11.3.0-235 and kernel support package is KernelSupport-RedHat_EL6-11.3.0-239.x86_64, which are both imported into the Deep Security Manager below.If you are using Deep Security as a Service (DSaaS), there is no need to check if the latest agent and kernel support package are imported into the Deep Security Manager console as this is automatically done on the back-end.