Deep Discovery Director Tab Parent topic

Trend Micro Deep Discovery Director is an on-premises management solution that provides Indicators of Compromise (IOC) information and enables centralized deployment of product updates, product upgrades, configuration replication and Virtual Analyzer images to Deep Discovery Analyzer.
Deep Discovery Analyzer supports integration with Deep Discovery Director version 5.0 or above.
Deploying updates or upgrades to Deep Discovery Analyzer appliances that are configured in a high availability cluster will temporarily:
  • Detach the high availability appliances and suspend high availability
  • Restrict access to the management console and display a static information screen
After the update or upgrade completes, the detached appliances will automatically reattach and restore high availability.
Important
Important
  • Before deploying updates or upgrades, ensure that the appliances are not executing any task.
  • Avoid detaching appliances while an upgrade is in progress.
  • If the appliances fail to upgrade or continue to show the Upgrading Appliance screen for more than two hours, check Deep Discovery Director for errors. To resolve errors, temporarily detach the appliances. Detached appliances continue to upgrade. After the upgrade, manually attach the appliances again to restore high availability.
Use the Deep Discovery Director management console to deploy or replicate a Virtual Analyzer image or configuration to a primary appliance. This is not required for secondary appliances since they are set to automatically sync Virtual Analyzer images or configuration from the primary appliance.
Deep Discovery Analyzer supports integration with Deep Discovery Director to enable synchronization and central management of the following threat intelligence:
  • Upload of suspicious objects generated by the internal Virtual Analyzer to Deep Discovery Director
  • Download of user-defined suspicious objects from Deep Discovery Director
  • Download of exceptions from Deep Discovery Director
  • Download of YARA rule files from Deep Discovery Director
    Note
    Note
    After you register Deep Discovery Analyzer to Deep Discovery Director, Deep Discovery Analyzer automatically synchronizes YARA rule settings from Deep Discovery Director and overwrites existing YARA rule settings that you have configured.
  • Download of file passwords from Deep Discovery Director 5.1 and above
    Note
    Note
    After you register Deep Discovery Analyzer to Deep Discovery Director, Deep Discovery Analyzer automatically synchronizes file passwords from Deep Discovery Director and overwrites existing file passwords that you have configured. You can only change the file passwords on the Deep Discovery Director management console.
Note
Note
If you register Deep Discovery Analyzer to both Deep Discovery Director and Apex Central, Deep Discovery Analyzer synchronizes exception lists only from Deep Discovery Director, and uploads Virtual Analyzer Suspicious Objects only to Deep Discovery Director. You can check the synchronization status on the Deep Discovery Director management console. For more information, see the Deep Discovery Director Administrator's Guide.
The Deep Discovery Director screen displays the following information:

Deep Discovery Director Fields

Field
Information
Status
The following appliance statuses can be displayed:
  • Not registered: The appliance is not registered to Deep Discovery Director.
  • Registered | Connected: The appliance is registered and connected to Deep Discovery Director.
  • Registered | Unable to connect: The appliance is registered to Deep Discovery Director, but unable to connect. Verify that the Deep Discovery Director network settings are valid.
  • Registered | Untrusted fingerprint: The appliance is registered to Deep Discovery Director, but the connection was interrupted. To restore the connection, trust the new fingerprint.
Last connected
The last time this appliance connected to Deep Discovery Director.
Host name
The host name of this appliance.
Server address
The Deep Discovery Director server address.
Port
The Deep Discovery Director port.
API key
The Deep Discovery Director API key.
Fingerprint (SHA-256)
The Deep Discovery Director fingerprint.
Use the system proxy settings
Select to use the system proxy settings to connect to Deep Discovery Director.
Related information