Skip to content

Deep Security

More Options

Advanced protection for physical, virtual, and cloud servers

Delivers comprehensive, adaptive, highly efficient agentless and agent-based protection, including anti-malware, intrusion detection and prevention, firewall, web application protection, integrity monitoring, and log inspection.

  • Accelerate virtualization investments
  • Minimize security impact
  • Ensure cost-effective compliance
  • Move safely to the cloud

Deep Security provides advanced server security for physical, virtual, and cloud servers. It protects enterprise applications and data from breaches and business disruptions without requiring emergency patching. This comprehensive, centrally-managed platform helps you simplify security operations while enabling regulatory compliance and accelerating the ROI of virtualization and cloud projects.

open all

Server Virtualization

Improve ROI with industry-leading server security that can help you triple VM consolidation rates

Get mature technology from the recognized leader in virtualization security. With integrated security designed for virtual servers, you can deploy comprehensive security without sacrificing performance or management. Deep Security lets you secure your virtual environment while achieving the increased efficiencies of cloud computing. Virtualization-aware security preserves performance and increases VM densities.

Desktop Virtualization

Maximize VDI security and performance with both agentless and agent-based deployment options

Get comprehensive protection for virtual desktops while preserving performance and consolidation ratios. Built specifically to handle the rigors of virtual desktop environments, Deep Security maximizes protection for a broad spectrum of virtual desktop scenarios. True agentless security for VMware VDI environments—anti-malware, intrusion prevention, web application protection, host firewall, and more—ensures no extra footprint from a security agent to impact the virtual desktops and the underlying host.

And agent-based security protects non-VMware VDI and virtual desktops in local mode. These flexible VDI security options let you maximize both the protection and ROI of your company’s unique VDI investment.

NSX Integration

Extend the benefits of micro-segmentation

The VMware NSX platform represents the latest step forward to secure the modern data center through VMware and Trend Micro’s joint commitment to design the ideal next-generation security framework. The combination of NSX and the Trend Micro Deep Security platform furthers the automation of security deployments while increasing protection for your virtual environment.

The software-defined data center with NSX micro-segmentation solves some of the most critical challenges of perimeter security. Deep Security extends the benefits of micro-segmentation with security policies and capabilities that automatically follow VMs no matter where they go. This results in the complete independence of a VM’s security posture, giving you the flexibility to run workloads with sensitive data next to workloads with no sensitive information because you no longer have to worry about threats moving laterally through the data center.

Virtual Patching

Shield vulnerabilities before they can be exploited, saving the cost of emergency patching

Hundreds of software vulnerabilities are exposed each month, and timely patching is expensive, prone to error and often impossible. Trend Micro virtual patching solutions deliver immediate protection while eliminating the operational pains of emergency patching, frequent patch cycles, and costly system downtime. Deep Security virtual patching keeps your servers and endpoints protected while reducing the risk of breach disclosure costs.

Cloud Protection

Control and encrypt data in the cloud and validate server access

Whether you’re deploying a private, public, or hybrid cloud, Trend Micro provides you with cloud protection that’s optimized for virtual and cloud environments. Deep Security integrates with SecureCloud for encryption and policy-based key management for cloud environments. You get better protection, less administrative complexity, and increased performance.  Agentless and agent-based deployments provide flexible cloud implementation options with cross-cloud management to secure your servers, applications, and data.  


Address major regulatory requirements for PCI DSS 3.0, HIPAA, NIST, SAS 70, and many others

The complexity and fluidity of desktop and server virtualization pose security, compliance, and performance risks that require specialized, virtualization-optimized protection and performance. Deep Security provides integrated security and compliance for business systems operating in physical, virtual, and cloud environments. Deep Security addresses several PCI DSS requirements and provides core security controls with a unique approach that economically solves the toughest compliance challenges. 

The following tightly integrated modules easily expand the platform to ensure server, application, and data security across physical, virtual, and cloud servers, as well as virtual desktops.

open all


Integrates with VMware environments for agentless protection, or provides an agent to defend physical servers and virtual desktops in local mode

Integrates VMware vShield Endpoint APIs to provide agentless anti-malware protection for VMware virtual machines with zero in-guest footprint. Helps avoid security brown-outs commonly seen in full system scans and pattern updates. Also provides agent-based anti-malware to protect physical servers, Hyper-V, and Xen-based virtual servers, public cloud servers, and virtual desktops in local mode.

Web Reputation

Strengthens protection against web threats to servers and virtual desktops

Integrates with the Trend Micro™ Smart Protection Network™ web reputation capabilities to safeguard users and applications by blocking access to malicious urls.

Integrity Monitoring

Detects and reports malicious and unexpected changes to files and systems registry in real time.

Monitors critical operating system and application files, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time. Adds greater security to virtual machines without additional footprint through an agentless configuration. Protects the hypervisor from exploits with innovative hypervisor integrity monitoring technology. Reduces administrative overhead with trusted event tagging that automatically replicates actions for similar events across the entire data center.

Intrusion Detection and Prevention

Shields known vulnerabilities from exploits until they can be patched

Helps achieve timely protection against known and zero-day attacks. Uses vulnerability rules to shield a known vulnerability—for example those disclosed monthly by Microsoft—from an unlimited number of exploits. Offers out-of-the-box vulnerability protection for over 100 applications, including database, web, email, and FTP servers. Automatically delivers rules that shield newly discovered vulnerabilities within hours, and can be pushed out to thousands of servers in minutes, without a system reboot.

Defends against web application vulnerabilities

Enables compliance with PCI Requirement 6.6 for the protection of web applications and the data that they process. Defends against SQL injections, cross-site scripting, and other web application vulnerabilities. Shields vulnerabilities until code fixes can be completed.

Identifies malicious software accessing the network

Increases visibility into, or control over, applications accessing the network. Identifies malicious software accessing the network and reduces the exposure of your servers.


Decreases the attack surface of your physical and virtual servers

Centralizes management of server firewall policy using a bi-directional stateful firewall. Supports virtual machine zoning and prevents Denial of Service (DoS) attacks. Provides broad coverage for all IP-based protocols and frame types as well as fine-grained filtering for ports and IP and MAC addresses.

Log Inspection

Provides visibility into important security events buried in log files

Optimizes the identification of important security events buried in multiple log entries across the data center. Forwards suspicious events to a SIEM system or centralized logging server for correlation, reporting, and archiving. Leverages and enhances open-source software available at OSSEC.

open all

Accelerates Virtualization, VDI, and Cloud ROI

Provides a lighter, more manageable way to secure VMs to help you make the most out of your virtualization and cloud investments

  • Strengthens security without additional footprint through agentless integrity monitoring, intrusion prevention, firewall, and anti-malware
  • Frees staff from continually configuring, updating, and patching agents
  • Protects virtual servers and virtual desktops as they move between data center and public cloud
  • Available as elastic security for Amazon Web Services
  • Leverages Deep Security’s tight integration with VMware to automatically detect new VMs and apply context-based policies for consistent security across the data center and cloud
  • Extends the benefits of NSX micro-segmentation In the software-defined data center with security policies and capabilities that automatically follow VMs no matter where they go

Lowers Costs

Maximizes efficiency to reduce operational costs with lower overhead, fewer staff hours, and higher VM consolidation rates

  • Allows greater machine consolidation in virtual environments with agentless configuration for anti-malware and other security
  • Eliminates the cost of deploying multiple software clients with a centrally managed, multi-purpose agent or virtual appliance
  • Provides vulnerability protection to prioritize secure coding and cost-effective implementation of unscheduled patching
  • Reduces security management costs by automating repetitive and resource intensive security tasks
  • Ensures improved operational efficiency with a lighter, more dynamic smart agent that eases deployment to maximize resource allocation across the data center and cloud
  • Matches security to your policy needs so fewer resources need to be dedicated to specific security controls
  • Simplifies administration with centralized management across Trend Micro security products. Centralized reporting of multiple security controls reduces the challenge of creating reports for individual products

Prevents Data Breaches

Minimizes business disruptions with advanced protection that enables self-defending servers and virtual desktops

  • Detects and removes malware from virtual servers in real time
  • Shields known and unknown vulnerabilities in enterprise applications and operating systems
  • Leverages one of the world’s largest domain-reputation databases to protect systems from accessing compromised websites
  • Integrity monitoring of the hypervisor via Intel TPM/TXT technology to meet evolving compliance needs
  • NEW: Identifies and blocks botnet and targeted attack Command and Control (C&C) communications using global and local threat intelligence

Helps Achieve Compliance

Addresses major requirements for standards such as PCI DSS 3.0, HIPAA, NIST, SAS 70, and many others

  • Provides detailed, auditable reports that document prevented attacks and policy compliance status
  • Reduces the preparation time and effort required to support audits
  • Supports internal compliance initiatives to increase visibility

open all


Deep Security is a comprehensive agentless server security platform designed to protect dynamic data centers comprising physical, virtual, and cloud servers as well as virtual desktops. The solution consists of: the Deep Security Virtual Appliance, Deep Security Agent, and Deep Security Manager.

Deep Security Virtual Appliance

Transparently enforces security policies on VMware vSphere virtual machines

This virtual appliance provides agentless integrity monitoring, anti-malware, IDS/IPS, web application protection, application control, and firewall protection—coordinating with Deep Security Agent, if desired, for log inspection and defense in depth.

Deep Security Agent

Deploys protection on a server or virtual machine

This small software component is deployed on the server or virtual machine being protected to help enforce security policies. Enables anti-malware, IDS/IPS, web application protection, application control, firewall, integrity monitoring, and log inspection.

Deep Security Manager

Allows administrators to create security profiles and apply them to servers

This powerful management system has a centralized console for monitoring alerts and preventive actions taken in response to threats. The Manager can be configured to automate or distribute security updates to servers on demand. It also generates reports to gain visibility into activity and meet compliance requirements. Event Tagging functionality streamlines the management of high-volume events and enables workflow of incident response.

Deep Security as a Service

Cloud-based offering delivers comprehensive security for leading cloud service providers.

Delivered as an elastic service for rapid deployment from a central management console, Deep Security as a Service enables you to quickly and easily add security to cloud workloads for instant protection. Learn more

Security Center

Provides constant security updates to keep you ahead of the latest threats

A dedicated team of security experts rapidly develops and delivers security updates that address newly discovered vulnerabilities. The Security Center manages the customer portal used for accessing these security updates and information. Security updates can be delivered to Deep Security Manager automatically, or on-demand for deployment to thousands of servers within minutes.

Get the most out of your investment.

Maximize your protection and ROI with Technical Account Management Services for Deep Security. Your Technical Account Manager (TAM) is a seasoned security professional who will help you use all the features and functionality of Deep Security in a way that works best for your business. As a single point of contact for your security team, TAMs will have access to the resources that will help you with:

  • Implementation Support
    Implementation is critical to the effectiveness of your Deep Security solution. Your TAM will conduct a series of pre-implementation planning meetings to ensure that Deep Security is optimized for your specific virtualized infrastructure. After the installation, your TAM will continue testing and tuning to help ensure maximum protection.
  • User Training
    Your TAM will provide tailored training sessions on the Deep Security user interface with particular emphasis on how you can more effectively manage the solution.
  • Problem Resolution
    To escalate resolution, your TAM will bypass the regular escalation process and provide you with a single point of contact. They will engage core support and the software development teams if needed to assist in resolving the problem. Backup TAMs may also assist in providing 24x7 support.
  • Upgrade Assistance
    Similar to the initial installation, your TAM will continue to work with you to ensure that your Deep Security solution is installed correctly and optimized to your specific infrastructure. If an upgrade is recommended, your TAM will assess your needs and develop a plan to maximize the effectiveness of Deep Security.

TAM Services maximize the ROI on your investment to protect your virtualized IT environment. Having a TAM on your side enhances your protection, minimizes the time you spend dealing with problems and adds an expert security consultant to your team.

Get started today. Call 1-877-218-7363


Microsoft® Windows®

  • Windows XP, Vista 7, 8, 8.1 (32-bit/64-bit)
  • Windows Server 2003 (32-bit/64-bit)
  • Windows Server 2008, 2008 R2, 2012, 2012 R2 (64-bit)
  • XP Embedded

Oracle Solaris™

  • OS: 9, 10, 11 (64-bit SPARC), 10, 11 (64-bit x86)1
  • Oracle Exadata Database Machine, Oracle Exalogic Elastic Cloud, and SPARC Super Cluster via the supported Solaris operating systems

1Anti-malware not available


  • Red Hat® Enterprise 5, 6 (32-bit/64-bit)
  • SUSE® Enterprise 10, 11 (32-bit/64-bit)
  • CentOS 5, 6 (32-bit and 64-bit)
  • Amazon Linux (see the latest agent release notes for supported versions)
  • Ubuntu 10, 12, 14.04 (64-bit)
  • Oracle Linux 5, 6 (32-bit and 64 bit)
  • CloudLinux 5, 6 (32-bit/64-bit)

2Anti-malware support for on-demand scan only


  • AIX 5.3, 6.1 on IBM Power Systems3
  • HP-UX 11i v3 (11.31)

3Only Integrity Monitoring and Log Inspection modules are available on these UNIX-based platforms.


  • VMware®: 5.1/5.5/vCloud Networking and Security 5.1,View 4.5/5.0/5.1, ESX 5.5
  • Citrix®: XenServer4
  • Microsoft®: HyperV4

4Protection via Deep Security Agent only

Connect with us on