Deep Security Agent platforms

Topics on this page:

See also Agent platform support policy.

Agent platform support table

Workload Security supports the Deep Security Agents on the operating systems shown in the table below. If platform support was added in an update release, the minimum update version is noted next to the check mark in the table.

Workload Security supports the use of older agent versions, but we do encourage you to upgrade agents regularly. New agent releases provide additional security features and protection, higher quality, performance improvements, and updates to stay in sync with releases from each platform vendor. Each agent has an end-of-life date. For details, see Deep Security Agent LTS life cycle dates and Deep Security Agent FR life cycle dates.

Not all Deep Security Agent features are available on all platforms. See Supported features by platform.
The Deep Security Agent can be installed and is fully supported on any of the below platforms running in Amazon AWS, Google Cloud Platform (GCP), or Microsoft Azure.
Deep Security Agent Platform         Deep Security Agent Version
  20 LTS 12 FR 12 LTS 11.3 11.2 11.1 11 LTS 10 LTS 9.6 9.0
Windows 2000, Service Pack 3 or 4 (32-bit) (See Note 5)                 U17  
Windows XP (32- and 64-bit)) (See Note 5)                  
Windows Server 2003 SP1 or SP2 (32- and 64-bit)) (See Note 5)                  
Windows Server 2003 R2 SP2 (32- and 64-bit)) (See Note 5)                  
Windows 7 (32- and 64-bit)      
Windows 7 Embedded (32-bit) (See Note 2)            
Windows Server 2008 (32- and 64-bit) (See Note 3)      
Windows Server 2008 R2 (64-bit) (See Note 3)      
Windows 8 (32- and 64-bit)      
Windows 8.1 (32- and 64-bit)      
Windows 8.1 Embedded (32-bit) (See Note 2)            
Windows 10 (32- and 64-bit) (See Note 1)      
Windows 10 Embedded (64-bit) (See Note 2)            
Windows Server 2012 (64-bit)      
Windows Server 2012 R2 (64-bit)      
Windows Server 2016 (LTSC, version 1607) (64-bit)      
Windows Server Core (SAC, version 1709) (64-bit) (See Note 1)      
Windows Server 2019 (LTSC, version 1809) (64-bit)     U4      
Red Hat Enterprise Linux 5 (32- and 64-bit)                  
Red Hat Enterprise Linux 6 (32- and 64-bit)      
Red Hat Enterprise Linux 7 (64-bit)      
Red Hat Enterprise Linux 8 (64-bit)       U12      
Ubuntu 10 (64-bit)                  
Ubuntu 12 (64-bit)                  
Ubuntu 14 (64-bit)                  
Ubuntu 16 (64-bit)      
Ubuntu 18 (64-bit)   U2      
Ubuntu 20.04 (64-bit) U10              
CentOS 5 (32- and 64-bit)                  
CentOS 6 (32- and 64-bit)      
CentOS 7 (64-bit)      
CentOS 8 (64-bit) U3       U17      
Debian 6 (64-bit)                  
Debian 7 (64-bit)          
Debian 8 (64-bit)      
Debian 9 (64-bit)      
Debian 10 (64-bit) U1       U14      
Amazon Linux (64-bit)      
Amazon Linux 2 (64-bit)      
Oracle Linux 5 (32- and 64-bit)                  
Oracle Linux 6 (32- and 64-bit)      
Oracle Linux 7 (64-bit)      
Oracle Linux 8 (64-bit) U2       U14      
SUSE Linux Enterprise Server 10 (32- and 64-bit)                  
SUSE Linux Enterprise Server 11 (32- and 64-bit)        
SUSE Linux Enterprise Server 12 (64-bit)    
SUSE Linux Enterprise Server 15 (64-bit)       U13      
CloudLinux 5 (32- and 64-bit)                  
CloudLinux 6 (32-bit)                  
CloudLinux 6 (64-bit)             U6      
CloudLinux 7 (64-bit)      
CloudLinux 8 (64-bit) FR 2020-05-19                
Solaris 10 Updates 4-6 (64-bit, SPARC or x86)         U6      

Solaris 10 Updates 7-10 (64-bit, SPARC or x86)

        U6      
Solaris 10 Update 11 (64-bit, SPARC or x86)         U6      
Solaris 11.0 (1111)-11.1 (64-bit, SPARC or x86)         U6      
Solaris 11.2-11.3 (64-bit, SPARC or x86)         U6      
Solaris 11.4 (64-bit, SPARC or x86)         U7      
AIX 5.3 (See Note 4)                  
AIX 6.1, 7.1, 7.2 (See Note 4)   U5              

Support for these releases is ending soon. Please upgrade to Deep Security Agent 20 as soon as possible.

If platform support was added in an update or FR release, the minimum update or FR version is noted next to the check mark in the table. Examples: ✔ U1, ✔FR 2020-05-19.

Note 1: Microsoft releases regular, semi-annual releases for Microsoft Windows 10 and Windows Server Core. For details about which specific releases are supported, see Deep Security Support for Windows 10 and Deep Security Support for Windows Server Core.

Note 2: All Trend Micro testing on Windows Embedded platforms is performed in a virtualized environment. Because these operating systems are typically run on custom hardware (for example, on point-of-sale terminals), customers must plan to thoroughly test on their target hardware platform prior to deployment in a production environment. In addition, before raising support cases, customers should attempt to reproduce problems in a virtualized environment because this is the environment the Trend Micro support team has available. If the issue is specific to deployments on custom hardware, Trend Micro may require the customer to provide us with remote access to a suitable environment before we can fully respond to support cases.

Note 3: Deep Security Agent is supported with both Full/Desktop Experience and Server Core installations of Windows Server 2012 and later. For Windows Server 2008 and 2008 R2, only Full installations are supported.

Note 4: If you want to use Deep Security Agent 9.0 for AIX, you'll need to use a signed agent, version 9.0.0-5624 or higher. Please be aware that the end-of-life date for this agent is 31-Dec-2020. You can download this agent from the Earlier Versions tab on the Deep Security Software page.The following AIX configurations are supported:

  • AIX LPARs running on the PowerVM Hypervisor on Power Servers.
  • AIX running as the bare metal OS on Power Servers.

Note 5: See Updated guidance for use of Trend Micro Deep Security to protect Windows 2003, Windows XP, and Windows 2000 based systems for additional details. Also, Deep Security 10.0 Update 26 does not support the installation or upgrade of Deep Security Agent on Windows 2003 or Windows XP. Support for these platforms will be re-introduced in a subsequent update. For more information, see Deep Security Agent version 10 update 26 cannot be used for installation or upgrade on Windows XP/2003.

Docker support

You can use Deep Security Agent 10.0 or later to protect Docker hosts and containers running on Linux distributions. Windows is not supported.

With each Deep Security Agent long-term support (LTS) release, Deep Security supports all Docker Enterprise Edition (EE) versions that have not reached end-of-life. (See Announcing Docker Enterprise Edition.) We do not officially support Docker Edge releases, but strive to test against Docker Edge releases to the best of our ability.

Support for new stable Docker releases is introduced with each release of Deep Security Agent. We recommend that you refrain from upgrading to the latest stable release of Docker until Trend Micro documents the support statements for the latest Deep Security Agent release.

Deep Security Agent version Docker Docker CE Docker EE
v1.12 v1.13 17.03 17.09 17.12 18.03 18.06 18.09 19.03 17.06 18.03 18.06 18.09 19.03
10 LTS                        
11 LTS            
11.1                    
11.2                    
11.3                    
12 LTS              
12 FR                
20 LTS                

Deep Security Agent support for Docker releases includes any sub-versions of those releases. For example, Deep Security Agent 11.0 supports Docker 17.09-ce including its sub-versions: 17.09.0-ce and 17.09.1-ce.

Before deploying Deep Security Agent into your target environment, you should ensure that Docker supports your target environment and platform configuration.

Systemd support

Some versions of the Deep Security Agent for Linux support systemd. See the table below for details.

Deep Security Agent Platform     Deep Security Agent Version
  20 LTS 12 FR 12 LTS 11 LTS
Amazon Linux (64-bit)      
Amazon Linux 2 (64-bit)        
CloudLinux 6 (64-bit)        
CloudLinux 7 (64-bit)        
CloudLinux 8 (64-bit) FR 2020-05-19    
Debian 8 (64-bit)        
Debian 9 (64-bit)        
Debian 10 (64-bit) U1 U14
Oracle Linux 6 (32- and 64-bit)        
Oracle Linux 7 (64-bit) U1 U13
Oracle Linux 8 (64-bit) U2 U14
Red Hat Enterprise Linux 6 (32- and 64-bit)        
Red Hat Enterprise Linux 7 (64-bit) U1 U13
Red Hat Enterprise Linux 8 (64-bit) U12
SUSE Linux Enterprise Server 11 (32- and 64-bit)        
SUSE Linux Enterprise Server 12 (64-bit)        
SUSE Linux Enterprise Server 15 (64-bit) U13
Ubuntu 16 (64-bit)        
Ubuntu 18 (64-bit)    
Ubuntu 20 (64-bit)      

If systemd support was added in an update or FR release, the minimum update or FR version is noted next to the check mark in the table. Examples: ✔ U1, ✔FR 2020-05-19.

SELinux support

Security-Enhanced Linux (SELinux) enforcing mode is supported on these OS and agent combinations, using the default SELinux policies:

Deep Security Agent Platform Deep Security Agent Version
20 LTS 12 FR 12 LTS
Red Hat Enterprise Linux 7 (64-bit) (FR 2020-05-19 or later) (Update 9 or later)
Red Hat Enterprise Linux 8 (64-bit) (FR 2020-05-19 or later) (Update 9 or later)

Anti-malware software such as Deep Security Agent must run in an unconfined domain in order to protect the system. Any additional SELinux policy customization or configuration may cause Deep Security Agent to be blocked.

If any alerts occur, see Troubleshoot SELinux alerts.

Secure Boot support

Some versions of the Deep Security Agent support the Secure Boot feature. See the table below for details. For details on configuring the agent for Secure Boot, see Linux Secure Boot support for agents.

Secure Boot is not available for AWS instances and Azure VMs.

      Deep Security Agent Version
Deep Security Agent Platform 20 LTS 12 FR 12 LTS 11 LTS
Red Hat Enterprise Linux 7 (64-bit)/td>
Red Hat Enterprise Linux 8 (64-bit)    
Debian 10 (64-bit)    
SUSE Linux Enterprise Server 12 (64-bit)    
SUSE Linux Enterprise Server 15 (64-bit)    
Ubuntu 16 (64-bit)    
Ubuntu 18 (64-bit)    
Ubuntu 20 (64-bit)