Last week I had the pleasure of upgrading vCNS 5.5.4 to NSX 6.2.3 at a customer that also was running Trend Micro Deep Security 9.6 SP1. Before the upgrade I checked the compatibility matrices here, here, here and here and it looked like everything checked out. So I went ahead with the upgrade and the upgrade went super smooth and ran without any issues. After the upgrade was completed I linked the Trend Micro Deep Security Manager to the NSX Manager and we protected the VMs and again all looked good. But then… I ran into the most annoying error know to man (with Trend Micro Deep Security) “Anti-Malware Engine Offline” and “Web Reputation Engine Offline”.
Let the troubleshooting begin!
- Filter Drivers ESXi hosts
- Check, all ESXi hosts have the Filter Driver Removed.
- Check, all VMs have an updated version of the VMware Tools with the Guest Introspection option enabled.
- Check, NSX 6.2.3 is licensed as “NSX for vSphere”.
- Check, Anti-Malware and Web Reputation is licensed.
- Check, the correct NSX Security Policy is in place and applied on all VMs.
- Check, the NSX Guest Introspection Service VMs are deployed and service is up and running.
- Check, the Trend Micro Deep Security Service VMs are deployed and service is up and running.
- Bingo! Disabling the Web Reputation solved also the “Anti-Malware Engine Offline” error. We have a lead!