About Deep Discovery Email Inspector Parent topic

Deep Discovery Email Inspector stops sophisticated targeted attacks and cyber threats by scanning, simulating, and analyzing suspicious links and attachments in email messages before they can threaten your network. Designed to integrate into your existing anti-spam/antivirus network topology, Deep Discovery Email Inspector can act as a Mail Transfer Agent in the mail traffic flow or as an out-of-band appliance silently monitoring your network for cyber threats.

What's New Parent topic

New Features in Deep Discovery Email Inspector 2.6

Feature
Description
Enhanced Deep Discovery Director support
Enhanced Deep Discovery Director support provides the following features for Deep Discovery Email Inspector:
  • Centralized Virtual Analyzer image deployment
  • Configuration replication
Auxiliary product integration
Deep Discovery Email Inspector integrates with the following products to provide effective detection and blocking at the perimeter:
  • Check Point Open Platform for Security (OPSEC)
  • TippingPoint Security Management System (SMS)
  • IBM Security Network Protection (XGS)
  • Palo Alto Panorama and Firewalls
Threat intelligence sharing
Deep Discovery Email Inspector can share suspicious object information with third-party products (such as Blue Coat ProxySG) through HTTP/HTTPS web services.
Microsoft Active Directory integration
Deep Discovery Email Inspector integrates with Microsoft Active Directory to allow web console logon using Active Directory credentials.
New components
Deep Discovery Email Inspector integrates the following components:
  • Network Content Inspection Engine (NCIE)
  • Network Content Inspection Pattern (NCIP)
  • Deep Discovery Trusted Certificate Authorities
  • Virtual Analyzer Configuration Pattern
Enhanced component management
Deep Discovery Email Inspector improves component management by providing the option to roll back component versions.
YARA rule support
Deep Discovery Email Inspector uses YARA rules to identify malware. YARA rules are malware detection patterns that are fully customizable to identify targeted attacks and security threats specific to your environment.
Exception list management
Deep Discovery Email Inspector can import or export exception lists through HTTPS web service.
Enhanced Virtual Analyzer
The internal Virtual Analyzer has been enhanced to include proxy configuration.
Improved detection capability
Deep Discovery Email Inspector provides increased protection by improving its detection capabilities. This release supports the following:
  • Deployment of sandbox images running Windows 10 Threshold 2 (B1511), Windows Server 2012, and Windows Server 2012 R2 operating systems
  • Support Microsoft Office 2016 application for Office file analysis in sandbox images
  • New file types (Microsoft Publisher 2016, Microsoft Windows Command Script file, Microsoft Windows Batch file, and Scalable Vector Graphics) for file submission filters
  • File SHA-256 and vulnerability information in analysis reports
  • Decrypt password-protected PDF and Microsoft Office files in archive files
  • Extract files in archive files with multiple compression layers
SFTP upload for detection logs
Deep Discovery Email Inspector can upload Virtual Analyzer detection logs to a secure FTP (SFTP) server.
Enhanced SMTP notifications
The enhanced SMTP notifications feature includes the following features:
  • Support for SMTP server authentication
  • Option to test connection to SMTP server
High memory usage alert
Deep Discovery Email Inspector can send alert notifications when the high memory usage threshold is reached.
Management console enhancements
Administrators can view the following information on the management console:
  • System information (system time, appliance IP address, and network throughput) in the top banner
  • Additional email header information in detected messages
Enhanced credential management
Deep Discovery Email Inspector implements stricter system access credential checks to strengthen product security.