Configuring the Appliance IP Settings Parent topic

Procedure

  1. Go to AdministrationSystem SettingsNetwork.
  2. In Host Name, specify a host name or FQDN.
  3. (Optional) Select the option to use the host name instead of the IP address as the identity of this appliance.
    Important
    Important
    The host name must be resolvable within your network.
  4. Select the IPv4 type.
    • Static IP address
    • Dynamic IP address (DHCP)
    Note
    Note
    Deep Discovery Inspector requires its own IP address to ensure that the management port can access the management console. To enable a DHCP server on your network to dynamically assign an IP address to Deep Discovery Inspector, select Dynamic IP address (DHCP). Otherwise, select Static IP address.
  5. If Static IP address is selected, specify the following:
    1. IPv4 address: The numeric address specifically for Deep Discovery Inspector.
    2. IPv4 subnet mask: Indicates the subnet mask for the network that includes the Deep Discovery Inspector IP address.
    3. IPv4 gateway: The IP address of the network gateway.
    4. IPv4 DNS server 1: The IP address of the primary server that resolves host names to an IP address.
    5. IPv4 DNS server 2 (optional): The IP address of the secondary server that resolves host names to an IP address.
  6. (Optional) Configure an IPv6 address.
    1. Select Enable IPv6 address.
      The IPv6 address settings appear.
    2. Specify the following IPv6 address settings:
      • IPv6 address: The alphanumeric address specifically for Deep Discovery Inspector.
      • IPv6 subnet prefix length: Indicates the prefix length for the network that includes the Deep Discovery Inspector IP address.
      • IPv6 gateway: The IP address of the network gateway.
      • (Optional) IPv6 DNS server: The IP address of the server that resolves host names to an IP address.
  7. (Optional) Enable Always use TLS 1.2 or above.
    Important
    Important
    The appliance must be restarted after Always use TLS 1.2 or above is enabled or disabled.
    When enabled, Deep Discovery Inspector cannot connect to products/services that do not support TLS 1.2 and above.
    Note
    Note
    To be compliant with the Payment Card Industry Data Security Standard (PCI-DSS) v3.2, the appliance should use TLS 1.2 or above for all inbound and outbound connections.
    Ensure that the integrated products and services are using the latest version that support TLS 1.2 or above. For details, see TLS Support for Integrated Products/Services.
    Verify that the following products/services are configured to use TLS 1.2 or above.
    • The ActiveUpdate server source at AdministrationUpdatesComponent UpdatesSource must use HTTPS.
    • The Apex Central server address at AdministrationIntegrated Products/ServicesApex Central must use HTTPS.
    • The syslog servers at AdministrationIntegrated Products/ServicesSyslog must use SSL.
    • The SMTP server at AdministrationSystem SettingsSMTP must use SSL/TLS or STARTTLS.
    • The Threat Intelligence Sharing service at AdministrationIntegrated Products/ServicesThreat Intelligence Sharing must use only HTTPS (disable Share information using HTTP).
  8. Click Save.