Procedure

1. On the Deep Discovery Inspector management console, go to Administration → Integrated Products/Services → Threat Intelligence Sharing.
2. Select Enable Threat Intelligence Sharing to allow integrated products/services to get information from Deep Discovery Inspector.
3. Under Criteria, select which objects to include in the threat intelligence data file.

   Note The maximum length of shared URL objects is 997 characters.

   The objects appear in the generated file under the following categories.

   Object Categories in Generated File

   Object	Category in Generated File
   Suspicious URL identified by Virtual Analyzer	DDI_sandbox_feedback_blacklists
   URL in Deny List	DDI_custom_defense_blacklists
   URL in Apex Central or Deep Discovery Director User-Defined Suspicious Objects list	DDI_control_manager_blacklists
   Malicious URL detected by Web Reputation Service	DDI_wrs_blacklists
   C&C Callback URL	DDI_aggressive_blacklists
   Source URL for any of the following files: Suspicious file identified by Virtual Analyzer File in Deny List File in Apex Central or Deep Discovery Director User-Defined Suspicious Objects list	DDI_aggressive_blacklists
   Source URL for malicious file	DDI_aggressive_blacklists

4. Under Criteria, select the risk level of the objects to be included in the threat intelligence data file.
5. (Optional) By default, Deep Discovery Inspector shares threat intelligence data through HTTPS web service. You can also enable HTTP web service for data sharing. Under Server Settings, select Share information using HTTP (in addition to HTTPS) and specify the HTTP port number.
6. Click Save.
7. Click Generate Now.

   Note After the file generation is successful, you can click the URL to download the threat intelligence data file to view the content.

8. Configure an integrated product/service (for example, Blue Coat ProxySG device) to obtain threat intelligence data from Deep Discovery Inspector. For more information, see the documentation for the integrated product/service.