Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

CTE Agent Linux Integration and Solutions Guides

Using CTE with Trend Micro Deep Security Software

search

Please Note:

Using CTE with Trend Micro Deep Security Software

Trend Micro’s Deep Security software provides comprehensive security in a single solution that is purpose-built for virtual, cloud, and container environments. Thales has verified certain versions of this Trend Deep product for compatibility with CTE on Red Hat Enterprise Linux (RHEL) 7 and RHEL 8.

This section contains the following topics:

Ensuring Correct Deep Security Service Startup Order

CTE services and Deep Security services must be started and stopped in the correct order to prevent problems with your data that is guarded by CTE. This order is important any time these services need to be started or stopped, such as:

  • During normal startup and shutdown of your Linux host.

  • Before enabling a scheduled upgrade of CTE.

  • Before performing a manual upgrade of CTE.

  • As needed for maintenance or troubleshooting.

Ensuring Correct Deep Security Service Startup Order in systemd

Configuring the proper startup and shutdown order of CTE and Trend Micro’s Deep Security services in systemd ensures that the services start in the right order during system startup and shutdown. This is also important if you configure a scheduled upgrade of CTE.

The following Deep Security service must be configured to start after CTE services:

ds_agent.service

To configure this behavior, add this service to the Before= line in the secfs-fs-barrier.service file on your system. The order of these services on the Before= line in the secfs-fs-barrier.service file does not matter. See Location of Application Unit Configuration Files for the location of the secfs-fs-barrier.service file on your system. See Adding Applications to the secfs-fs-barrier.service File for information about how to add services to the secfs-fs-barrier.service file.

Ensuring Correct Deep Security Service Startup Order Manually

Perform the following commands in this order if you need to stop Deep Security and CTE services manually:

  1. Stop Deep Security services:

     systemctl stop ds_agent.service

  2. Stop CTE:
    Linux distributions that support systemd /etc/vormetric/secfs stop
    Linux distributions that do not support systemd service secfs stop

Perform the following commands in this order if you need to start Deep Security and CTE services manually:

  1. Start CTE:
    Linux distributions that support systemd /etc/vormetric/secfs stop
    Linux distributions that do not support systemd service secfs stop

  2. Start Deep Security services:

     systemctl start ds_agent.service

Updating Deep Security

It is not necessary to shut down CTE services when you update Trend Micro Deep Security to a new version. Follow the Update Deep Security software described by Trend Micro.

On this page