Procedure

1. Go to Administration → Virtual Analyzer → Setup.
2. Select Submit files to Virtual Analyzer.
3. Select a Virtual Analyzer type and specify the settings.

   Note Options may vary depending on your Deep Discovery Inspector model and license.

   • Internal

     1. Select a network type.
        The selected network type determines the Internet connectivity of Virtual Analyzer.

        WARNING Trend Micro recommends using a custom network for sample analysis. The custom network should be independent of the management network and other internal networks so that malicious samples in the custom network do not affect hosts in the other networks.

        Network Type	Description
        Management network	Direct Virtual Analyzer traffic through a management port. Virtual Analyzer connects to the Internet using the Deep Discovery Inspector management port.
        Custom network	Configure a specific port for Virtual Analyzer traffic. Make sure that the port is able to connect directly to an outside network. Virtual Analyzer connects to the Internet using another port. Specify an open port and make sure that there are no port conflicts.
        No network	Isolate Virtual Analyzer traffic within Virtual Analyzer. The environment has no connection to an outside network. Virtual Analyzer has no Internet connection and relies only on its analysis engine.

        Note Virtual Analyzer requires an Internet connection to query Trend Micro cloud-based services (for example, WRS and CSSS) for available threat data.

     2. Enable and configure a dedicated proxy for the internal Virtual Analyzer.

        Note To configure the proxy settings, the management network or custom network must be selected as the network type.

        1. In Proxy Setting select Use dedicated proxy settings.
        2. In Server address, type the proxy server's IP address, host name, or FQDN.

           Note Virtual Analyzer supports HTTP and HTTPS proxy servers.

        3. Type the port number.
        4. (Optional) Type the proxy server's authentication credentials.
   • External
     1. Type the IP address of the Virtual Analyzer appliance.
     2. Type the API key from the external Virtual Analyzer.

        Note Log onto the external Virtual Analyzer to obtain the API key.

     3. Click Test Connection.
   • Analyzer as a Service

     Note By default, the proxy setting is enabled when Analyzer as a Service is selected. If a proxy is not configured, Deep Discovery Inspector still connects to the service.

     1. Click Test Connection.
4. Click Save.
5. (Optional) For Internal Virtual Analyzer, click Test Internet Connectivity.

   Note Trend Micro recommends testing the Internet connectivity whenever new settings are saved.

6. (Optional) For Internal Virtual Analyzer, go to Administration → Virtual Analyzer → Internal Virtual Analyzer → Sandbox for macOS and then enable Send possible threats for macOS to the Trend Micro Deep Discovery Analyzer as a Service for analysis.