
Configuring Trend Micro Deep Security Agent on a PVS Golden Image

Configuring an Anti-Virus product on a Golden Image always requires some special attention. Various problems can occur when such a product is installed in a Golden Image using default options. The booted target devices can end up appearing multiple times in the Anti-Virus management console, or they can end up inactivated and thus unprotected.

To resolve such issues, each target device booted from a Golden Image needs to have a unique ID with respect to the AV management product. How this is achieved depends upon the product itself. Some products need to have some registry keys, files or computer certificates deleted before ‘sealing’ the Golden Image.

Trend Micro Deep Security Agent (version 9.5.2754 was used in this case) uses a different approach. After the Anti-Virus agent has been installed, it needs to be activated on a per-computer basis. This can be done manually in the management console of the product. Obviously, in a VDI/SBC environment this is not ideal. For such environments, the activation can be executed from the Anti-Virus client side.

To allow the product to have unique devices in the console, the activation needs to occur after the Golden Image has been sealed, when a device is booted in standard mode. Using this method, activation of the Anti-Virus product occurs at each boot. The devices will appear unique, and only once, in the console.

Using our deployment framework, we configured this as follows:

Installation of the Agent: (Deployment flow)

The product was installed using a normal MSI installation during the deployment flow. This is executed during the build of the Golden Image.

Activation of the Agent:

The activation is a command which is executed during the startup flow. It’s a batch file which contacts the Anti-Virus management server on a specific protocol (dsm://). The action is executed by default.

When the vDisk is in Private Mode, however, the command is not executed. This is achieved by configuring a “Private mode” override on the “Default” action which unticks the “Enabled” flag. The Anti-Virus client won’t be activated in Private mode.
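
The same startup logic can be expressed as a standalone script. This is an added example, not the batch file or deployment framework used in this post. It assumes a placeholder manager address, the agent's default install path, the default agent-initiated activation port 4120, and that Private mode is detected from the `$WriteCacheType` value in the `C:\Personality.ini` file written by the PVS target device software.

```powershell
# Added example: activate the Deep Security Agent at boot, except in Private mode.
# Assumptions (not from the original post): manager address is a placeholder,
# 4120 is the manager's default activation port, default agent install path.
$DsmUrl      = 'dsm://dsm.example.internal:4120/'   # placeholder manager address
$DsaControl  = Join-Path $env:ProgramFiles 'Trend Micro\Deep Security Agent\dsa_control.cmd'
$Personality = 'C:\Personality.ini'                 # written by the PVS target device software

function Test-PvsPrivateMode {
    param([string]$Path)
    # No Personality.ini means the machine is not streamed from PVS (for example
    # the build VM). Treat it as Private so the master image is never activated.
    if (-not (Test-Path -LiteralPath $Path)) { return $true }
    $line = Select-String -LiteralPath $Path -Pattern '^\s*\$WriteCacheType\s*=\s*(\d+)' |
            Select-Object -First 1
    if (-not $line) { return $true }
    # 0 = Private Image mode; any other value is a Standard Image cache type.
    return ([int]$line.Matches[0].Groups[1].Value -eq 0)
}

if (Test-PvsPrivateMode -Path $Personality) {
    Write-Output 'vDisk in Private mode (or not streamed): skipping activation.'
    exit 0
}

if (-not (Test-Path -LiteralPath $DsaControl)) {
    Write-Error "dsa_control not found at $DsaControl"
    exit 1
}

# Agent-initiated activation against the manager over dsm://.
& $DsaControl -a $DsmUrl

# Assumption: dsa_control returns a non-zero exit code when activation fails.
# A failed activation leaves the device unprotected, so surface it to monitoring.
if ($LASTEXITCODE -ne 0) {
    Write-Error "Deep Security Agent activation failed (exit code $LASTEXITCODE)"
    exit $LASTEXITCODE
}
Write-Output 'Deep Security Agent activated.'
```

Failing closed on a missing or unreadable `Personality.ini` keeps the Golden Image itself from being activated and then cloned with that identity.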


Using this approach, the Deep Security Agent is installed and configured correctly in an automated way.
