What's New in Deep Discovery Analyzer 6.5

Feature/Enhancement
Details
Enhanced ICAP integration
The ICAP integration feature in Deep Discovery Analyzer has been enhanced to include the following features:
  • Bypass file scanning based on selected MIME content-types
  • Bypass file scanning based on true file types
  • Bypass URL scanning in RESPMOD mode
  • Filter sample submissions based on the file types that Virtual Analyzer can process
  • Scan samples using different scanning modules
  • X-Response-Desc ICAP header to provide reasons why a sample is considered malicious or safe
Enhanced Virtual Analyzer
The internal Virtual Analyzer has been enhanced. This release adds the following features:
  • New file types (url, csv, xht, and xhtml) for sandbox analysis
  • New file types (dmg and pkg) for Mac sandbox analysis
  • Include HTTP redirect information in reports and threat type (Web Threat) for URL analysis
  • Two-stage URL rewrite for WeTransfer in URL pre-fetching
  • Dynamic URL Scanning to detect zero-day phishing attacks
  • Support image file size of up to 30GB on Deep Discovery Analyzer 1100 and 1200 appliances
TLS 1.2 support for added security
Deep Discovery Analyzer has the ability to enforce TLS 1.2, ensuring compliance and security for data in motion.
New alert notification
Deep Discovery Analyzer includes a new License Expiration alert to notify administrators when the product license is about to expire or has expired.
Enhanced YARA rule feature
The enhanced YARA rule feature includes the following:
  • YARA rule detection information in Virtual Analyzer reports and investigation package (report.xml), and on the Submissions screen
  • YARA rule file name filtering
  • Support for version 3.8.1 of the official specifications
Enhanced network services diagnostics
Deep Discovery Analyzer includes the following new features for the network services diagnostics function:
  • New network services
  • Service protocol and security information
Enhanced management console
The management console has been enhanced to include the following:
  • The interface of the Logon screen and the navigation bar have been enhanced to provide a more consistent user experience.
  • Changing the account password allows a user to continue with the current management console session and terminates other sessions for the same user account.
Product update status
Deep Discovery Analyzer provides real-time progress status for hotfix, patch, or firmware updates on the management console.
Smart Protection Server for global services connection
When Smart Protection Server is the Smart Protection source, Deep Discovery Analyzer automatically connects to global services through Smart Protection Server.
Enhanced preconfiguration console
The preconfiguration console has been enhanced to provide the debug log management feature that allows administrators to perform the following tasks:
  • Collect debug logs
  • Upload debug logs to a secured FTP (SFTP) server
Enhanced Virtual Analyzer Status widget
The Virtual Analyzer Status widget has been enhanced to display the number of URLs in the pre-VA processing queue and the number of processing samples when you select a node in a cluster.
Enhanced high availability health monitoring
Deep Discovery Analyzer displays additional information (latency and network throughput) on the management console and includes the connection information in debug logs to enhance the monitoring of high availability status.
Trend Micro Apex Central integration
Deep Discovery Analyzer has tighter integration with Apex Central, which allows for single sign-on and role-based mapping from Apex Central.
Inline migration from Deep Discovery Analyzer 6.0 and 6.1
Deep Discovery Analyzer can automatically migrate the settings of a Deep Discovery Analyzer 6.0 and 6.1 installation to 6.5.