Reply
Stone Esquire
bradenl
Posts: 1
Registered: ‎03-04-2012
Accepted Solution

Deep Security 8.0 & vShield Endpoint - Black Screen VMWare View

Hi all,

 

We are experiencing an issue with a virgin install of vShield Endpoint 5.0 & Deep Security 8.0 once we activate guest virtual machines used as VMWare View Desktops through the DSM . We are presented with a black screen (connecting over PCoIP) when selecting any security profile other than 'Windows Anti-Malware Protection'. Even when a desktop view is visible using 'Windows Anti-Malware Protection' the USB redirection does not work.

 

Similarly, if connecting over VPN, if the VM is activated at all through DSM the black screen issue is presented regardless if a security profile is assigned or not.

 

We are running an agentless setup with the latest filter drivers / ESX patches / versions.

 

Has anybody experienced similar issues and been able to rectify the problem?

 

Please use plain text.
Affiliate
kirill
Posts: 458
Registered: ‎12-14-2009

Re: Deep Security 8.0 & vShield Endpoint - Black Screen VMWare View

Hi,

Please configure the DS filter driver,

- The calculation for determining the memory requirements of the Filter  Driver is incorrect in the documentation.  The correct fomula is:   <number of VMs> * <512 Bytes> * <number of TCP connections (default 10000)

And the command to set the value is:

% esxcfg-module -s DSAFILTER_HEAP_MAX_SIZE=41943040 dvfilter-dsa

To verify the setting, you can execute:

% esxcfg-module -g dvfilter-dsa

The setting will not take effect until the driver is reloaded. Reloading will either require a reboot (best option) of ESX or unload/load the driver by executing the commands:

% esxcfg-module -u dvfilter-dsa
% esxcfg-module dvfilter-dsa

Note: The above unload/reload will require all the protected VMs on the ESX(i) and the DVSA to shutdown.

 

Kirill


I am a Trend Micro Affiliate Emeritus. My comments and advice come from my personal knowledge and experience. I’m happy to volunteer what I can to help others have a great Trend Micro experience. Now posting as KirillGelfand.
Please use plain text.
Stone Esquire
kwarson
Posts: 2
Registered: ‎03-23-2012

Re: Deep Security 8.0 & vShield Endpoint - Black Screen VMWare View

Hi,

 

Maybe check this article : http://esupport.trendmicro.com/solution/en-us/1054482.aspx

I know it's about DeepSec 6 but I assume it still applies, because PCoIP is UDP traffic.

 

If the firewall component is not licensed it seems that "Statefull Inspection" is still active and denies stuf.

In that case you might want to change from "Network Engine" --> "Inline" to "Tap".

 

Kind regards,

 

Koen

 

Please use plain text.
Stone Esquire
kwarson
Posts: 2
Registered: ‎03-23-2012

Re: Deep Security 8.0 & vShield Endpoint - Black Screen VMWare View

Kiril,

 

Can you give more detail about the use of DSAFILTER_HEAP_MAX_SIZE ?

Can you tell me what the default value is, if it is not configured ?

Is it needed to be configured in every environment ?

 

Kind regards,

 

Koen

Please use plain text.
Affiliate
kirill
Posts: 458
Registered: ‎12-14-2009

Re: Deep Security 8.0 & vShield Endpoint - Black Screen VMWare View

Hi,

This value defined how many memory use for the dvfilter driver. Default is 25 guests, and IMHO you always need to configure this parameters.

Ch,

Kirill


I am a Trend Micro Affiliate Emeritus. My comments and advice come from my personal knowledge and experience. I’m happy to volunteer what I can to help others have a great Trend Micro experience. Now posting as KirillGelfand.
Please use plain text.