<> Trend Micro, Inc. January 22, 2021 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) for NetApp(TM) 5.8 Service Pack 1 Patch 1 Build 1200 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Note: This readme file was current as of the date above. However, all customers are advised to check Trend Micro's web site for documentation updates at: http://docs.trendmicro.com/ Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro web site. Register during installation or online at: http://olr.trendmicro.com/ Contents =================================================================== 1. About ServerProtect for NetApp 5.8 1.1 Overview of this Release 1.2 Who Should Install this Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation/Uninstallation 5.1 Installation 5.2 Uninstallation 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in this Release 10. Contact Information 11. About Trend Micro 12. License Agreement =================================================================== 1. About ServerProtect for NetApp ====================================================================== ServerProtect for Network Appliance filers is designed to provide network-wide, comprehensive antivirus scanning for the Network Appliance filer line of data storage systems. Managed through an intuitive and portable console, ServerProtect provides virus outbreak management, centralized virus scanning, virus pattern file updates, event reporting, and antivirus configuration. 1.1 Overview of this Release =================================================================== ServerProtect for NetApp Filers 5.8 Service Pack 1 Patch 1 allows the Information Server to automatically update the Normal Server with the latest version. Patch 1 also upgrades the TMI CMAgent to an MCP CMAgent. 1.2 Who Should Install this Release =================================================================== You should install this service pack if you are currently running ServerProtect for NetApp Filers 5.8 or 5.8 Service Pack 1. 2. What's New ====================================================================== Note: Please install the service pack before completing any procedures in this section (see "Installation"). 2.1 Enhancements =================================================================== This patch includes the following new features and enhancements: Enhancement 1: Trend Micro Management Communication Protocol (MCP) - ServerProtect for NetApp Filers now supports MCP and allows users to register to Trend Micro Control Manager(TM) through the ServerProtect Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To configure this option: a. Install this Patch and install the Management Communication Protocol (MCP) CMAgent or migrate the Trend Micro Infrastructure (TMI) CMAgent to the MCP CMAgent(see "Installation" for more information). b. Click Start > ServerProtect Management Console. c. Do one of the following: - Click CMAgent Setting on the side bar. - Click Do > CMAgent Settings on the main menu. d. Input corresponding information, and register to Control Manager (see the ServerProtect online help for more information). Note: ServerProtect may display an incorrect group folder name on the Management Console. To prevent incorrect display names: - For Control Manager 5.5, install the "tmcm-55-win-en-sp1-patch4" update (or a later version) - For Control Manager 5.5, install the "tmcm_60_sp1_win_en_hfb2182" update (or a later version) See Known Issues for more information. Enhancement 2: Normal Server Updates - Users can now configure an Information Server to regularly check the build version of Normal Servers and to automatically send a command to a Normal Server to download and apply the latest hot fix or patch if it detects that the Normal Server's build version is lower than the latest hot fix or patch on the Information Server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: To configure this option: a. Install this Patch (see "Installation"). b. Open a registry editor on the Information Server. c. Add the following keys and set the appropriate values. Paths: - 32-bit Information Servers: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion - 64-bit Information Servers: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ TrendMicro\ServerProtect\CurrentVersion Keys: - AutoUpdateNS=1, enables the feature =0, (default) disables the feature - AutoUpdateNSTime= frequency at which the Information checks the build version of Normal Servers in minutes multiplied by two, the default value is 30, which means 30*2=60 minutes or 1 hour Type: DWORD Enhancement 3: Previously, the "LogViewer.exe" may not be able to show logs in the backup dbf files. In this release, another method --- "directly parsing the dbf file" is applied to avoid the issue. Procedure 3: To configure this option: a. Install this Patch (see "Installation"). b. Open a registry editor on the Normal Server. c. Add the following keys and set the appropriate values. Paths: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro \ServerProtect\CurrentVersion\SpntService Keys: UsingFileRead = 1, enables the feature = 0, disables the feature Type: DWORD 2.2 Resolved Known Issues =================================================================== This patch resolves the following issues: Issue 1: Sometimes, Control Manager cannot deploy engine files to two or more Normal Servers simultaneously. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Critical Patch 1102] This patch ensures that Normal Servers can successfully receive engine file deployment commands from Control Manager. Issue 2: Control Manager shows the wrong operating system name for Information Servers and Normal Servers that are deployed on the Windows Server 2012 platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Critical Patch 1102] This patch enables Control Manager to show the correct operating system name for each Information Server and Normal Server. Issue 3: Notification messages that are generated while the filer is connecting to or disconnecting from ServerProtect for Network Appliance Filers are not recorded in the Windows event log. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hot Fix 1100] This patch ensures that all notification messages about filer connections are recorded promptly in the Windows event log. Issue 4: The Normal Server does not notify the filer about pattern updates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hot Fix 1094] This patch ensures that the Normal Server always notifies the filer about pattern updates. Issue 5: Notification email messages contain only one action field and one corresponding result field. As a result, notification email messages contain only the first action and result and will not be able to display a second action and the result if a second action was taken. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hot Fix 1091] This patch enables notification email messages to display the final action and the corresponding result when there are several actions and results. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 5: To configure this option: a. Install this Service Pack (see "Installation"). b. Open the Registry Editor. c. Add the following key and set its value to "1": Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\Notification Key: FinalActionTaken Type: REG_DWORD Value: 1 Note: When this key is enabled, notification email messages will report the final action and result. To disable this key, set "FinalActionTaken=0". Issue 6: Every time the Information Server starts up, it generates a new Globally Unique Identifier (GUID), which it uses to encrypt a Remote Procedure Call (RPC) package. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hot Fix 1085] This patch adds an option for users to either allow or prevent the Information Server from changing the GUID every time it starts up. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 6: To configure this option: a. Install this Service Pack (see "Installation"). b. Open the Registry Editor on the Information Server. c. Add and configure the following key: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\InformationServer Key: GUIDSwitch Type: DWORD Value: "1" = prevents the Information Server from changing the GUID at each start up "0" = allows the Information Server to change the GUID at each start up Issue 7: The "Spntsvc.exe" process stops unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Hot Fix 1084] This patch resolves this issue by: - improving the Remote Procedure Call (RPC) communication process between Information Servers and Normal Servers in the "StRpcCln.dll" file. - changing how the heap memory is released in the "eng50.dll" file. Issue 8: When adding filers, ServerProtect for Network Appliance Filers 5.8 uses the Windows API "gethostbyaddr()" to convert IP addresses to hostnames. Sometimes, the "gethostbyaddr()" API returns the same hostname for different IP addresses. This prevents users from adding filers successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: [Hot Fix 1083] This patch provides a way to disable the conversion of IP addresses to hostnames when adding filers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 8: To enable/disable the conversion of IP addresses to hostnames when adding filers, first apply this Service Pack (see "Installation") then: - on all Normal Servers under an Information Server: a. Open the "DisableConvertIpWhenAddFiler.ini" file on the Information Server and change its content according to your preferred setting. "0" = Enable the conversion to hostname "1" = Disable the conversion to hostname - For 32-bit Normal Servers, the file is in the "ProductInstalledFolder\HotFix\32bit\" folder - For 64-bit Normal Servers, the file is in the "ProductInstalledFolder\HotFix\64bit\" folder NOTE: You need to create the "DisableConvertIpWhenAddFiler.ini" file if it does not exist in the respective folder. b. Open the "hotfix.ini" file in the "ProductInstalledFolder\HotFix" folder and set "read=0". The Information Server pushes the "DisableConvertIpWhenAddFiler.ini" file to all Normal Servers and modifies the value of "read" to "1". - on a single or selected Normal Server, open the "DisableConvertIpWhenAddFiler.ini" file on the Normal Server and change its content according to your desired setting. "0" = Enable the conversion to hostname "1" = Disable the conversion to hostname - For 32-bit Normal Servers, the file is in the "ProductInstalledFolder\" folder - For 64-bit Normal Servers, the file is in the "ProductInstalledFolder\x64\" folder Issue 9: ServerProtect for Network Appliance Filers 5.8 uses the SSAPTN pattern file (Component ID = 0x20000400) to scan for spyware/grayware. However, status logs that the ServerProtect agent sends to the Control Manager server contain the following incorrect line:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: [Hot Fix 1079] This patch enables users to configure the ServerProtect agent to use "SLF_TMASSA" instead of "SLF_SpywareVersion" in status logs that it sends to the Control Manager server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 9: To configure the ServerProtect agent to use "SLF_TMASSA"in status logs that it sends to the Control Manager Server: a. Install this Service Pack (see "Installation"). b. Open the Registry Editor. c. Create the following key and set its value to "1": Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ TrendMicro Control Manager Agent\SPNT Key: EnableTMASSA Type: DWORD Value: "0", use "SLF_SpywareVersion" "1", use "SLF_TMASSA" Issue 10: After users configure a filer into the Filer List of a Normal Server and restart the Normal Server, "SpntSvc.exe" may use up 100% of the CPU resources. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: [Hot Fix 1076] This patch resolves this issue by updating the thread that sends scan results to filers. Issue 11: ServerProtect for Network Appliance Filers may not be able to quarantine certain special viruses in compressed files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: [Hot Fix 1095] This patch ensures that ServerProtect for Network Appliance Filers can successfully detect and quarantine viruses in compressed files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 11: To ensure that ServerProtect for Network Appliance Filers can successfully quarantine viruses in compressed files: a. Install this Service Pack (see "Installation"). b. Open the Registry Editor. c. Add the following key and set its value to "1": Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\engine Key: DisableEJO Type: REG_DWORD Value: 1 Note: When enabled, this key ensures that ServerProtect for Network Appliance Filers can successfully quarantine viruses in compressed files. To disable this key, set "DisableEJO=0". Issue 12: Virus infection information in Windows Event logs is inconsistent with the information in product infection logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: [Hot Fix 1090] This patch ensures that the virus infection information in Windows Event logs is consistent with the information in product infection logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 12: To enable this solution: a. Install this Service Pack (see "Installation"). b. Open the Registry Editor. c. Create the following registry key and set its value to "1". Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\SpntService Key: isFixEnabled Type: DWORD Value: "1", to enable this solution "0", to disable this solution Issue 13: Sometimes, some unreadable characters are inserted in the message body of SMTP notification email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: [Hot Fix 1078] This patch resolves this issue by converting the message body of SMTP notification email messages from Shift-JIS format to JIS format. Issue 14: "System error 1067" occurs when the ServerProtect service stops. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: [Hot Fix 1080] This patch resolves the error by preventing ServerProtect from attempting to access a global variable while stopping. Issue 15: An issue prevents ServerProtect 5.8 from updating the spyware pattern file from version 0.9xx.00 to 1.xxx.00 or later. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: [Critical Patch 1] This patch ensures that ServerProtect 5.8 can update the spyware pattern from version 0.9xx.00 to 1.xxx.00 or later. Issue 16: When ServerProtect for Network Appliance Filers 5.8 scans files, the "SpntSvc.exe" program may stop unexpectedly which triggers an "exception(0XC0000005)" error. This happens because "SpntSvc.exe" breaks the heap memory when it runs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: [Hot Fix 1082] This patch resolves the problem by changing how the "eng50.dll" file releases the heap memory . Issue 17: A vulnerability in the "mrf.exe" module of the Trend Micro Infrastructure (TMI) service may allow an attacker to execute arbitrary codes on vulnerable installations of Control Manager Agent (CMAgent). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: [Critical Patch 2] This patch addresses the vulnerability to prevent malicious attacks. Issue 18: The Management Console displays a task's "Last Perform Time" information in UTC format instead of in the local time. This occurs when the task runs immediately after the Management Console starts. As a workaround, users can restart the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: [Hot Fix 1101] This patch adds a synchronizing mechanism to ensure that the time zone information is properly initialized before being used. Issue 19: Sometimes, a ServerProtect event log shows the "Clean Success" action result, but the corresponding email notification reports that the action result is "Clean Fail." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: [Hot Fix 1107] This patch ensures that the action results displayed in ServerProtect event logs and the corresponding email notifications are consistent and correct. Issue 20: Sometimes, a Normal Server cannot handle scan requests from the clustered Data ONTAP operating system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: [Hot Fix 1163] This patch improves the memory management mechanism of Normal Servers to ensure that these servers can properly handle scan requests from clustered Data ONTAP. Issue 21: Temporary performance issues may occur after a Normal Server registers to the NetApp Data ONTAP cluster-mode without providing any pattern information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: [Hot Fix 1166] This patch prevents the performance issues by ensuring that Normal Servers provide the correct pattern information while registering to the NetApp Data ONTAP cluster-mode. Issue 22: Under certain conditions, ServerProtect may stop unexpectedly while running a manual or scheduled scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: [Hot Fix 1172] This patch ensures that ServerProtect runs manual and scheduled scans normally. Issue 23: Before scanning a compressed file, ServerProtect first determines whether the file can be scanned or not by checking if the contents exceed the maximum size configured by the user. There is no limit to the value that users can set the maximum content size to on the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: [Hot Fix 1176] This patch limits the value of the maximum content size to 2 GB. After applying This patch, the Management Console will not allow users to set the maximum content size to any value larger than 2 GB. 3. Documentation Set ====================================================================== The documentation set for this product includes the following: o Getting Started Guide -- product overview, installation planning, installation and configuration instructions, and basic information intended to get you "up and running." o Readme.txt file -- version enhancements, basic installation, known issues, and release history. Electronic versions of the printed manuals are available at: http://docs.trendmicro.com/ o Online help -- context-sensitive help screens that provide guidance for performing a task. o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 4. System Requirements ====================================================================== 4.1 Normal Server ------------------ * CPU: 2.5 GHz Intel(R) Pentium(TM) IV processor or 3.0 GHz EM64T Intel processor or 2.0 GHz AMD Athlon(TM) 64-bit processor (or equivalent) * DRAM: Minimum 1 GB, 2 GB recommended * Operating System: - Windows Server 2008 Standard/Enterprise SP2 (x86) - Windows Server 2008 Standard/Enterprise SP2 (x64) - Windows Server 2008 R2 Standard/Enterprise SP1 (x64) - Windows 2008 Server Core - Windows Server 2012 Foundation Edition - Windows Server 2012 Essentials Edition - Windows Server 2012 Standard Edition - Windows Server 2012 Datacenter Edition - Windows Storage Server 2012 Standard Edition - Windows Storage Server 2012 Workgroup Edition - Windows Server 2012 R2 Foundation Edition - Windows Server 2012 R2 Essentials Edition - Windows Server 2012 R2 Standard Edition - Windows Server 2012 R2 Datacenter Edition - Windows Storage Server 2012 R2 Standard Edition - Windows Storage Server 2012 R2 Workgroup Edition - Windows Server 2016 Standard Edition - Windows Server 2016 Datacenter Edition - Windows Server 2016 Essentials Edition - Windows Storage Server 2016 Standard - Windows Storage Server 2016 Workgroup - Windows Server 2019 Standard Edition - Windows Server 2019 Datacenter Edition - Windows Server 2019 Essentials Edition - Windows Server IoT 2019 * Disk Space: 1 GB * A CD-ROM drive if the installation is performed locally. * Network protocols and services: TCP/IP, Microsoft Network and RPC services must be running on Windows Server family operating system. 4.2 Information Server ----------------------- * CPU: 3.0 GHz Intel Pentium IV processor or 3.0 GHz EM64T Intel processor or 2.0 GHz AMD Athlon 64-bit processor (or equivalent) * DRAM: Minimum 1 GB, 2 GB recommended * Operating System: - Windows Server 2008 Standard/Enterprise SP2 (x86) - Windows Server 2008 Standard/Enterprise SP2 (x64) - Windows Server 2008 R2 Standard/Enterprise SP1 (x64) - Microsoft Windows 2008 Server Core - Windows Server 2012 Foundation Edition - Windows Server 2012 Essentials Edition - Windows Server 2012 Standard Edition - Windows Server 2012 Datacenter Edition - Windows Storage Server 2012 Standard Edition - Windows Storage Server 2012 Workgroup Edition - Windows Server 2012 R2 Foundation Edition - Windows Server 2012 R2 Essentials Edition - Windows Server 2012 R2 Standard Edition - Windows Server 2012 R2 Datacenter Edition - Windows Storage Server 2012 R2 Standard Edition - Windows Storage Server 2012 R2 Workgroup Edition - Windows Server 2016 Standard Edition - Windows Server 2016 Datacenter Edition - Windows Server 2016 Essentials Edition - Windows Storage Server 2016 Standard - Windows Storage Server 2016 Workgroup - Windows Server 2019 Standard Edition - Windows Server 2019 Datacenter Edition - Windows Server 2019 Essentials Edition - Windows Server IoT 2019 * Disk Space: 1 GB * A CD-ROM drive if the installation is performed locally. * Network protocols and services: TCP/IP, Microsoft Network, and RPC services must be running on Windows Server family operating system. * The services listed above must be running on the installed machine. Trend Micro recommends an allocated bandwidth usage of minimum 128 Kilobytes per second to optimize deployment of component updates between ServerProtect Information Server and Normal Server. If RPC communication malfunctions over either the Named Pipe protocol or TCP, ServerProtect 5.8 will automatically switch from the non-functioning protocol to the other. To manage the Windows Server, an Information Server must be installed. * For ActiveUpdate 2.8, additional 3 GB disk space is required if Smart Duplicate is enabled. In this case, the cached pattern number must be set to the value of 14. 4.3 Management Console ----------------------- * CPU: 2.5 GHz Intel Pentium IV processor or 3.0 GHz EM64T Intel processor or 2.0 GHz AMD Athlon 64-bit processor (or equivalent) For Server Environment: * DRAM: Minimum 1 GB, 2 GB recommended * Operating System: - Windows Server 2008 Standard/Enterprise SP2 (x86) - Windows Server 2008 Standard/Enterprise SP2 (x64) - Windows Server 2008 R2 Standard/Enterprise SP1 (x64) - Windows Server 2012 Foundation Edition - Windows Server 2012 Essentials Edition - Windows Server 2012 Standard Edition - Windows Server 2012 Datacenter Edition - Windows Storage Server 2012 Standard Edition - Windows Storage Server 2012 Workgroup Edition - Windows Server 2012 R2 Foundation Edition - Windows Server 2012 R2 Essentials Edition - Windows Server 2012 R2 Standard Edition - Windows Server 2012 R2 Datacenter Edition - Windows Storage Server 2012 R2 Standard Edition - Windows Storage Server 2012 R2 Workgroup Edition - Windows Server 2016 Standard Edition - Windows Server 2016 Datacenter Edition - Windows Server 2016 Essentials Edition - Windows Storage Server 2016 Standard - Windows Storage Server 2016 Workgroup - Windows Server 2019 Standard Edition - Windows Server 2019 Datacenter Edition - Windows Server 2019 Essentials Edition - Windows Server IoT 2019 For Client Environment: * DRAM: Minimum 512 MB, 1 GB recommended * Operating System: - Windows XP Professional SP2 or SP3 (x86) - Windows XP Professional SP2 or SP3 (x64) - Windows Vista Business/Enterprise/Ultimate SP1 (x86) - Windows Vista Business/Enterprise/Ultimate SP1 (x64) - Windows 7 Professional/Enterprise/Ultimate SP1 (x86) - Windows 7 Professional/Enterprise/Ultimate SP1 (x64) - Windows 8/Windows 8 Pro/Windows 8 Enterprise 32-bit - Windows 8/Windows 8 Pro/Windows 8 Enterprise 64-bit - Windows 8.1/Windows 8.1 Pro/Windows 8.1 Enterprise 32-bit - Windows 8.1/Windows 8.1 Pro/Windows 8.1 Enterprise 64-bit - Windows 10/Windows 10 Pro/Windows 10 Enterprise 32-bit - Windows 10/Windows 10 Pro/Windows 10 Enterprise 64-bit * Disk Space: 500 MB * A monitor with resolution of 1024x768 or higher. * A CD-ROM drive. * Network protocols and services: TCP/IP, Microsoft Network, and RPC services must be running on Windows Server family operating system. 4.4 NetApp Filer and Hitachi NAS ---------------------------------------------------------- To communicate with ServerProtect, the virus scan function must be enabled on the NetApp Filer and Hitachi NAS. The NetApp Filer proprietary operating system: - Data ONTAP 7.x Series - Data ONTAP 8.x Series 7-Mode - Data ONTAP 8.x Series Cluster-Mode - Data ONTAP 9.x Series Cluster-Mode - ONTAP Select 9.x Series Cluster-Mode - Cloud Volumes ONTAP 9.x Note: A NetApp Cluster-Mode AVShim (called by NetApp as Clustered Data ONTAP Antivirus Connector) cannot be deployed on Windows Server 2003 but must be installed on the same computer with the Normal Server. If you want to use a Cluster-Mode AVShim, install the Normal Server on a Windows operating system later than Windows Server 2003. Hitachi NAS: - HNAS firmware 7.0.x - HNAS firmware 8.1.x - HNAS firmware 10.x/11.x/12.x For optimal scanning performance, Trend Micro recommends the connection between NetApp filer or Hitachi NAS and a Scan Server to have a bandwidth of at least 1 Gigabit per second. Note: The Scan Server must be located in the same domain as Hitachi NAS to correctly support the virus scan option. 5. Installation/Uninstallation ====================================================================== 5.1 Installation =================================================================== To apply this Patch from the same computer as the Information Server: 1. Close the management console. If this is not running at the time of installation, proceed with the next step. 2. Copy the "spnaf_580_win_en_sp1_p1_b1200.exe" patch installation file to a temporary folder. 3. Run the Patch file. The license screen appears. 4. If you disagree with the terms of the legal agreement, choose the "I do not agree with the terms of the legal agreement." option and click "Cancel" to abort the installation. Otherwise, choose the "I accept the terms of the legal agreement" and click "Next". The "readme" appears. 5. Read the contents of the readme carefully and click "Install". A message box appears to remind you that the Trend Micro Infrastructure (TMI) CMAgent will be migrated to Management Communication Protocol (MCP) CMAgent. 6. If you do not want to upgrade the Trend Micro Infrastructure (TMI) CMAgent to the Management Communication Protocol (MCP) CMAgent, click "No" and the installation aborts. Otherwise, click "Yes". Notes: - Once the Trend Micro Infrastructure (TMI) CMAgent is installed on the Information Server, the TMI agent will be automatically upgraded to the Management Communication Protocol (MCP) CMAgent. - If Trend Micro Infrastructure (TMI) CMAgent is not installed on the Information Server, a "Trend Micro strongly recommends installing Trend Micro Management Communication Protocol (MCP) Control Manager Agent for ServerProtect. Click Yes to install MCP Control Manager Agent for ServerProtect now, or click No to install it later." message box appears after copying all patch files. If you want to install the MCP CMAgent, click "Yes" otherwise, click "No". The "MCP_CMAgent.exe" installation package will be copied to the ".\SProtect\SMS\CMAgent\" folder. You can run the package to install the MCP CMAgent. - The Information Server deploys the Patch to Normal Servers 30 seconds after the installation is completed and restarts the ServerProtect services. If the installation does not complete successfully, contact Trend Micro technical support. To apply this Patch to a management console that is not associated with the computer hosting the Information Server: 1. Apply the Patch to the Information Server. 2. Close the management console. 3. Go to the management console home directory and backup the following five files to another location. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - spuninst.exe - spuninstrc.DLL 4. On the Information Server, copy the following files from the Information Server home directory to the management console home directory to overwrite the local files. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - spuninst.exe - spuninstrc.DLL 5.2 Uninstallation =================================================================== Since this patch upgrades the current TMI CMAgent to an MCP CMAgent, the changes to the system are sizable. The previous TMI CMAgnet will not be supported any longer. Trend Micro does NOT recommend uninstalling this patch. 6. Post-installation Configuration ====================================================================== No special post-installation steps are required. Note: Trend Micro recommends that updating all components immediately after installing the product. 7. Known Issues ====================================================================== 7.1 Empty domains are not displayed in Control Manager. =================================================================== Empty domain information is not updated to the Control Manager server, and therefore will not be displayed on the Control Manager server. 7.2 Previous versions of the ServerProtect Management Console cannot be used to manage the ServerProtect 5.8 Information Server. =================================================================== The version used for the Management Console must be the same as the version used for the Information Server. 7.3 The ServerProtect 5.8 Management Console cannot be used to manage previous versions of the ServerProtect Information Server. =================================================================== The version used for the Management Console must be the same as the version used for the Information Server. 7.4 Control Manager cannot manage ServerProtect normally when the Information Server version is 5.8 and the Normal Server version is 5.62. =================================================================== When the Information Server is upgraded to version 5.8 from 5.62 and the Normal Server that is managed by this Information Server is still in version 5.62, Control Manager will not be able to manage the ServerProtect 5.62 Normal Server normally. 7.5 Macro viruses are treated as file viruses. =================================================================== Macro viruses may be treated as file viruses even if the action against macro viruses is specified in "Set Virus Action". This occurs because the virus scan engine considers some kinds of macro viruses as file viruses. The "Virus type" for these macro viruses displays as "File viruses" in the "detailed information" of virus logs. 7.6 The CMAgent installation package cannot support domain names in Unicode character format. =================================================================== If the domain name is in Unicode format, the CMAgent displays the "Call to RegDBQueryKey failed" error message. 8. Release History ====================================================================== - ServerProtect for NetApp Filers 5.31, September 10, 2001 - ServerProtect for NetApp Filers 5.60, October 7, 2003 - ServerProtect for NetApp Filers 5.61, December 22, 2003 - ServerProtect for NetApp Filers 5.62, September 6, 2005 - ServerProtect for NetApp Filers 5.8, March 1, 2010 9. Files Included in this Release ====================================================================== Module Filename Build No. ------------------------------------------------------------------- Management Console Admin.exe 5.80.0.1200 Adm_enu.dll 5.80.0.1200 AgentClient.dll 5.80.0.1200 ADM_ENU.chm n/a Information Server StRpcCln.dll 5.80.0.1200 Earthagent.exe 5.80.0.1200 EventMsg2.dll 5.80.0.1200 Notification.dll 5.80.0.1200 AgentClient.dll 5.80.0.1200 StUpdate.exe 5.80.0.1200 BIFSender.exe 5.80.0.1200 libcurl.dll 7.17.1.0 zlib.dll 1.2.2.0 libeay32.dll 1.0.0.1 ssleay32.dll 1.0.0.1 32-bit Normal Server StRpcSrv.dll 5.80.0.1200 StUpdate.exe 5.80.0.1200 NtApRPC.dll 5.80.0.1200 eng50.dll 5.80.0.1200 Notification.dll 5.80.0.1200 StRpcCln.dll 5.80.0.1200 AgentClient.dll 5.80.0.1200 EventMsg2.dll 5.80.0.1200 LogMaster.dll 5.80.0.1200 DCE.dll 5.80.0.1200 SpntSvc.exe 5.80.0.1200 StHotFix.exe 5.80.0.1200 StOPP.exe 5.80.0.1200 64-bit Normal Server StRpcSrv.dll 5.80.0.1200 StUpdate.exe 5.80.0.1200 NtApRPC.dll 5.80.0.1200 eng50.dll 5.80.0.1200 Notification.dll 5.80.0.1200 StRpcCln.dll 5.80.0.1200 AgentClient.dll 5.80.0.1200 EventMsg2.dll 5.80.0.1200 LogMaster.dll 5.80.0.1200 DCE.dll 5.80.0.1200 SpntSvc.exe 5.80.0.1200 StHotFix.exe 5.80.0.1200 StOPP.exe 5.80.0.1200 Control Manager Agent libMRF_AP.dll 1.12.0.1156 libMRF_CM.dll 1.12.0.1156 libMRF_Common.dll 1.12.0.1156 libMRF_DM.dll 1.12.0.1156 libMRF_Entity.dll 1.12.0.1156 libTMI_DataMarshal.dll 1.12.0.1156 mrf.exe 1.12.0.1156 MRF_CM.dll 1.12.0.1156 Entitymain.exe 2.50.0.1411 EN_Utility.dll 2.50.0.1411 LibEN_Conf.dll 2.50.0.1411 LibEN_Logger.dll 2.50.0.1411 libEN_SendLog.dll 2.50.0.1411 libEN_Product.dll 5.80.0.1200 Normal Server Hot Fix File Hotfix.ini n/a Patch files Tmpatch.exe 2.2.0.1031 readme.txt n/a license.txt n/a 10. Contact Information ====================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our website. Global Mailing Address/Telephone Numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 11. About Trend Micro ====================================================================== Trend Micro Incorporated, a global leader in Internet content security and threat management, aims to create a world safe for the exchange of digital information for businesses and consumers. A pioneer in server-based antivirus with over 20 years of experience, we deliver top-ranked security that fits our customers' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the Trend Micro Smart Protection Network(TM) infrastructure, our industry-leading cloud-computing security technology and products stop threats where they emerge, on the Internet, and are supported by 1,000+ threat intelligence experts around the globe. For additional information, visit www.trendmicro.com. Copyright 2020, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Smart Protection Network, ServerProtect, and Control Manager are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ====================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Getting Started Guide or Administrator's Guide