Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

PB#1050: Digital Vaccine Enhancements

    • Updated:
    • 10 Aug 2015
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Enhancements to the Digital Vaccine service
Details
Public
Product Bulletin #: 1050

Subject: Digital Vaccine (DV) Enhancements

Date of Announcement: August 10, 2015

Summary: Trend Micro DVLabs is pleased to announce enhancements to the Digital Vaccine service commencing with the DV shipped on August 4, 2015 for both 2.5.2 and 3.2.0 packages.

What's New?

This version of the Digital Vaccine adds the following enhancements:

Precedence enhancements - The filters included in this and subsequent Digital Vaccine (DV) packages include a large number of filter precedence changes as a result of improvements in the DV development environment. Filter precedence determines which filter appears in the block log when multiple filters detect an event. While there are changes to the creation and formatting of the package, there is no change to the content, logic or security effectiveness of any of the filters.

Protocol enhancements - This DV supports more refined protocol designations. For example, where you might have previously seen the designation UDP in the log files, you now see a more accurate designation such as Portmapper.

Removed unsupported legacy code - This DV removes some code intended for devices that have been End of Support for some time. For instance, the action-set "TANK firewall rule Permit / Notify / Remote System" related to the legacy X-Series devices (X505) has been removed. It is no longer feasible to continue to support nor necessary to include this code in the DV package.

SMS Log Messages

When activating a new DV, the logs on the SMS may report an unusually large number of filter changes. These filter changes are expected due to an update of the DV format and may include deleted filters, updated filters, deleted actions sets, or removed parameters. The security posture of your IPS device is not affected by these changes.

The following informational log messages are related to this release:
DescriptionReference
Multiple Updating policy: Removing parameter log messages may manifest when you activate the new DV on the SMS.96370
Multiple updated and deleted signatures are displayed when you activate the DV on the SMS.98628
More than 1000 updated filters are displayed when you activate the 2.5.2 DV on the SMS.98631
Deleted action set 'TANK firewall rule Permit / Notify / Remote System'may manifest when you activate the new DV on the SMS.104085

If you have concerns or further questions regarding this issue, contact the Trend Micro™ TippingPoint Technical Assistance Center (TAC).

Thank you,
Trend Micro™ TippingPoint

For updated contact information, please click here.

 
© Copyright 2018 Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro logo, TippingPoint, the TippingPoint logo, and Digital Vaccine are trademarks or registered trademarks of Trend Micro Incorporated. TippingPoint Reg. U.S. Pat. & Tm. Off. The information is provided "as is" without warranty of any kind and is subject to change without notice. The only warranties for Trend Micro products and services are set forth in the express warranty statements accompanying such products and services. nothing herein should be construed as constituting an additional warranty. Trend Micro shall not be liable for technical or editorial errors or omissions contained herein.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000118107
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.