Frequently asked support and security questions for Service Gateway.
Click a link to jump to the topic.
What Operating System Does Service Gateway Use?
The Service Gateway virtual appliance uses a customized Linux kernel which removes
unnecessary tools, software, and commands to secure the environment.
How Often are Security Patch Updates Released?
When Trend Micro receives a CVE or ZDI vulnerability report, our security team performs a CVSS evaluation
of the current Service Gateway build. If the vulnerability impacts Service Gateway,
a
critical patch is released or the vulnerability is resolved in the next build release
depending on the severity. New builds are normally released every two weeks.
Who Can Access the Service Gateway CLI?
The Service Gateway virtual appliance only allows the default admin user to sign in
to the
Command Line Interface Shell (CLISH) console. The admin user is required to change
the
password when signing in for the first time. The password can be changed manually
with the
command configure password.
What are the Password Requirements for the Service Gateway CLI?
The password must meet the following requirements:
-
Must be 8 to 32 characters
-
At least one uppercase letter (A-Z)
-
At least one lowercase letter (a-z)
-
At least one number (0-9)
-
At least one special character: ~!`@#$%^&*()/_+=[]{}-\|<>',.?:;"
Follow security best practices to create a strong password:
-
Avoid using words found in the dictionary
-
Intentionally misspell words
-
Use phrases or combine words
-
Use both uppercase and lowercase letters
What Addresses and Ports Does Service Gateway Use?
Service Gateway provides HTTP and HTTPS ports for integration with other on-premises
products. For more information, see Service Gateway virtual appliance communication ports
What Deployment Options Does Service Gateway Support?
Service Gateway supports installation on a range of different network virtualization
platforms. For virtual machine deployments with a hypervisor, Service Gateway supports
VMware ESXi and Microsoft
Hyper-V.
Service Gateway supports cloud deployments with Amazon Web
Services and Microsoft
Azure.
How Do You Check CPU Compatibility for Service Gateway 3.0?
Service Gateway 3.0 migrates the base operating system from CentOS to ensure continued
service and security. The new base operating system has minimum CPU architecture
requirements. If your CPU does not meet the minimum requirements, you cannot upgrade
to
Service Gateway 3.0. Service Gateway 3.0 supports the following CPU architectures
at the
following versions or later:
-
AMD and Intel 64-bit (x86-64-v2)
-
64-bit ARM (ARMv8.0-A)
-
IBM Power Systems, Little Endian (POWER9)
-
64-bit IBM Z (z14)
To determine whether your CPU meets the minimum architecture requirements, check your
system properties. Alternatively, you may run a script or program to check your CPU
architecture.
For Linux systems, run the following script from the command line shell:
#!/bin/bash
function check_cpu_support_x86_64_v2() {
flags=$(cat /proc/cpuinfo | grep flags | head -n 1 | cut -d: -f2)
supports_v2='awk "/cx16/&&/lahf/&&/popcnt/&&/sse4_1/&&/sse4_2/&&/ssse3/ {found=1} END {exit !found}"'
echo "$flags" | eval $supports_v2
if [ $? -eq 0 ]; then
echo "CPU supports upgrade to SG3.0."
else
echo "CPU doesn't support upgrade to SG3.0."
fi
}
check_cpu_support_x86_64_v2If the CPU is compatible, the script outputs the
message CPU supports upgrade to SG3.0..For Windows systems, download Coreinfo from Microsoft.
 |
ImportantThe following instructions use Coreinfo v3.6. The information and screens contained
in
these instructions were valid as of January 2024. Coreinfo is a third-party program
not
affiliated with Trend Micro. Trend Micro takes no responsibility for any system changes caused by the program. Download and
use
the program at your own risk.
|
After downloading, extract all files, and then run Coreinfo.exe from the containing
directory using the command line. If Coreinfo outputs any of the following, your CPU
meets
the minimum architecture requirements:
-
CX16: Supports CMPXCHG16B instruction
-
POPCNT: Supports POPCNT instruction
-
SSE3: Supports Streaming SIMD Extensions 3
-
SSE4.1: Supports Streaming SIMD Extensions 4.1
-
SSE4.2: Supports Streaming SIMD Extensions 4.2
