Subject: Digital Vaccine (DV) Enhancements
Date of Announcement: August 10, 2015
Summary: Trend Micro DVLabs is pleased to announce enhancements to the Digital Vaccine service commencing with the DV shipped on August 4, 2015 for both 2.5.2 and 3.2.0 packages.
This version of the Digital Vaccine adds the following enhancements:
Precedence enhancements - The filters included in this and subsequent Digital Vaccine (DV) packages include a large number of filter precedence changes as a result of improvements in the DV development environment. Filter precedence determines which filter appears in the block log when multiple filters detect an event. While there are changes to the creation and formatting of the package, there is no change to the content, logic or security effectiveness of any of the filters.
Protocol enhancements - This DV supports more reﬁned protocol designations. For example, where you might have previously seen the designation UDP in the log ﬁles, you now see a more accurate designation such as Portmapper.
Removed unsupported legacy code - This DV removes some code intended for devices that have been End of Support for some time. For instance, the action-set "TANK firewall rule Permit / Notify / Remote System" related to the legacy X-Series devices (X505) has been removed. It is no longer feasible to continue to support nor necessary to include this code in the DV package.
SMS Log Messages
When activating a new DV, the logs on the SMS may report an unusually large number of filter changes. These filter changes are expected due to an update of the DV format and may include deleted filters, updated filters, deleted actions sets, or removed parameters. The security posture of your IPS device is not affected by these changes.
The following informational log messages are related to this release:
|Multiple Updating policy: Removing parameter log messages may manifest when you activate the new DV on the SMS.||96370|
|Multiple updated and deleted signatures are displayed when you activate the DV on the SMS.||98628|
|More than 1000 updated ﬁlters are displayed when you activate the 2.5.2 DV on the SMS.||98631|
|Deleted action set 'TANK firewall rule Permit / Notify / Remote System'may manifest when you activate the new DV on the SMS.||104085|
If you have concerns or further questions regarding this issue, contact the Trend Micro™ TippingPoint Technical Assistance Center (TAC).
Trend Micro™ TippingPoint
For updated contact information, please click here.
|© Copyright 2018 Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro logo, TippingPoint, the TippingPoint logo, and Digital Vaccine are trademarks or registered trademarks of Trend Micro Incorporated. TippingPoint Reg. U.S. Pat. & Tm. Off. The information is provided "as is" without warranty of any kind and is subject to change without notice. The only warranties for Trend Micro products and services are set forth in the express warranty statements accompanying such products and services. nothing herein should be construed as constituting an additional warranty. Trend Micro shall not be liable for technical or editorial errors or omissions contained herein.|