Virtual machine behind 'Trend Micro Deep Security' when moved to another ESXi Host by vMotion may be unprotected temporarily
search cancel

Virtual machine behind 'Trend Micro Deep Security' when moved to another ESXi Host by vMotion may be unprotected temporarily

book

Article ID: 327374

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Symptoms:

Once vMotion is triggered, Deep Security Virtual Appliance (DSVA) restores the status for the guest virtual machine (VM), sending policy from the Deep Security Manager (DSM) to restart the protection.
There was an issue found in Deep Security 12.0 GM version where it may take a long time until the VM can be protected again after a vMotion.

Environment

VMware NSX-T Data Center

Cause

This symptom can be noticed in environment running Trend Micro Deep Security Virtual Appliance with agent version 12.0 and NSX-T that enable Guest Introspection functionality only.

There is an implement introduced in Deep Security 12.0 U1 and above, however, it may still take up to 25 seconds until the VM can be protected after vMotion. 

Resolution

It is a known issue with Trend Micro Deep Security Virtual Appliance with agent version 12.0 and above due to design limitation and there is no resolution at this point.
It can impact NSX-T environment where Guest Introspection functionality is enabled.

Additional Information

Impact/Risks:

After the VM is migrated to another host, it may be unprotected for up to 25 seconds before VM can be protected again.

Powered by Wolken Software