Trend Micro Deep Discovery Inspector Online Help
Contents
Index
Search
Collapse All
Expand All
Previous Page
Next Page
Privacy and Personal Data Collection Disclosure
Preface
Documentation
Audience
Document Conventions
Introduction
About Deep Discovery Inspector
What's New
Features and Benefits
Threat Management Capabilities
APT Attack Sequence
Host Severity
Advanced Threat Scan Engine
Virtual Analyzer
Preconfiguration
Preconfiguration Console
Preconfiguration Console Access
Accessing the Preconfiguration Console with a VGA Port
Accessing the Preconfiguration Console with a Serial Port
Preconfiguration Console Main Menu
Viewing Appliance Information and Status
Modifying Device Settings
Modifying Interface Settings
System Tasks
System Tasks Overview
Performing a Diagnostic Test
Performing a Ping Test
Restarting Deep Discovery Inspector
Changing the Root Password
Logging Off
Get Started
Preconfiguration Console
Get Started Tasks
Management Console
Management Console Requirements
Opening the Management Console
Management Console Account Passwords
Changing an Administrator Account Password
Changing a Viewer Account Password
Logging On With Single Sign-On
Network
Configuring the Appliance IP Settings
Network Format Rules
Managing Network Interface Ports
Dashboard
Dashboard Overview
Tabs
Tab Tasks
Adding/Modifying Tabs
Moving Tabs
Closing/Deleting Tabs
Widgets
Widget Tasks
Adding Widgets to the Dashboard
About Deep Discovery Inspector Widgets
Deep Discovery Inspector Widgets
Deep Discovery Inspector Default Widget Tabs
Summary
Threats at a Glance
Top Affected Hosts
Threat Summary
Malicious Scanned Network Traffic
Scanned Traffic by Protocol Type
Threat Monitoring
Threat Geographic Map
Viewing Information on the Threat Geographic Map
Monitored Network Traffic in Past 30 Days
Virtual Analyzer Status
Top Hosts with Virtual Analyzer Detections
Top Malicious Sites Analyzed by Virtual Analyzer
Top Suspicious Files
Virtual Analyzer
Top Trends
Top Disruptive Applications
Top Malicious URLs Detected
System Status
CPU Usage
Disk Usage
Memory Usage
Optional Widgets
All Scanned Traffic
Malicious Real-time Network Traffic
Real-time Scanned Traffic
Top Exploited Hosts
Top Grayware-infected Hosts
Top Malicious Content Detected
Top Malware-infected Hosts
Top Suspicious Behaviors Detected
Detections
About the Detections Screen
Affected Hosts
Display Options and Search Filters
Viewing Affected Hosts
Viewing Affected Hosts - Host Details
Viewing Affected Hosts - Detection Details
Affected Hosts - Detection Details
Affected Hosts - Detection Details - Connection Details
Affected Hosts - Detection Details - Detection Information
Affected Hosts - Detection Details - Connection Summary
Affected Hosts - Detection Details - Protocol Information
Affected Hosts - Detection Details - File Information
Affected Hosts - Detection Details - Additional Information
Affected Hosts - Detection Details - File Analysis Result
Affected Hosts - Detection Details - File Analysis Result - File Information
Affected Hosts - Detection Details - File Analysis Result - YARA Detections
Affected Hosts - Detection Details - File Analysis Result - Notable Characteristics
Affected Hosts - Detection Details - Suspicious Object and Related File Analysis Result
Affected Hosts - Detection Details - Suspicious Object Information
Affected Hosts - Detection Details - Related Analyzed File Information
Affected Hosts - Detection Details - Mitigation Suggestions
Affected Hosts Advanced Search Filter
About Affected Hosts Advanced Search Filter
Adding an Affected Hosts Advanced Search Filter
Editing an Affected Hosts Saved Search
Deleting an Affected Hosts Saved Search
Importing Affected Hosts Saved Searches
Exporting Affected Hosts Saved Searches
About Affected Hosts - Host Details Advanced Search Filter
Adding an Affected Hosts - Host Details Advanced Search Filter
Editing an Affected Hosts - Host Details Saved Search
Deleting an Affected Hosts - Host Details Saved Search
Importing Affected Hosts - Host Details Saved Searches
Exporting Affected Hosts - Host Details Saved Searches
C&C Callback Addresses
Viewing C&C Callback Addresses
Suspicious Objects
Viewing Suspicious Objects
Retro Scan
Retro Scan and the Smart Protection Network
Enabling Retro Scan
Retro Scan Screen
Retro Scan Report Details Screen
Disable Retro Scan
Disabling Retro Scan
All Detections
Display Options and Search Filters
Viewing All Detections
Viewing All Detections - Detection Details
All Detections - Detection Details
All Detections - Detection Details - Connection Details
All Detections - Detection Details - Detection Information
All Detections - Detection Details - Connection Summary
All Detections - Detection Details - Protocol Information
All Detections - Detection Details - File Information
All Detections - Detection Details - Additional Information
All Detections - Detection Details - File Analysis Result
All Detections - Detection Details - File Analysis Result - File Information
All Detections - Detection Details - File Analysis Result - YARA Detections
All Detections - Detection Details - File Analysis Result - Notable Characteristics
All Detections - Detection Details - Suspicious Object and Related File Analysis Result
All Detections - Detection Details - Suspicious Object Information
All Detections - Detection Details - Related Analyzed File Information
All Detections - Detection Details - Mitigation Suggestions
All Detections Advanced Search Filter
Adding an All Detections Advanced Search Filter
Editing an All Detections Saved Search
Deleting an All Detections Saved Search
Importing All Detections Saved Searches
Exporting All Detections Saved Searches
Reports
About Reports
Scheduled Reports
Schedules
Scheduling a Report
Deleting a Report Schedule
On-demand Reports
Generating an On-demand Report
Deleting an On-demand Report
Customization
Customizing Reports
Administration
Updates
Component Updates
Components to Update
Component Update Methods
Component Update Tasks
Manual Updates
Performing Manual Updates
Scheduled Updates
Update Source
Configuring the Update Source
Product Updates
Hot Fixes / Patches
Applying a Hot Fix / Patch
Rolling Back a Hot Fix / Patch
Service Packs / Version Upgrade
Applying a Service Pack / Version Upgrade
Clearing the Browser Cache
Notifications
Configuring Threat Detection Notifications
Configuring High Risk Hosts Detections Notifications
Adding to the High Risk Hosts Detections Notification Exclusion List
Configuring Suspicious Hosts Detections Notifications
Configuring High Network Traffic Notifications
Configuring Unanalyzed Sample Detections Notifications
Configuring Virtual Analyzer Detections Notifications
Configuring Deny List Notifications
Configuring Retro Scan Detections Notifications
Delivery Options
Configuring Email Notification Settings
Monitoring / Scanning
Hosts / Ports
Configuring Hosts / Ports
Threat Detections
Configuring Threat Detections
Smart Protection
About Smart Protection Server
Setting Up Smart Protection Server
Managing the Smart Protection Server List
Web Reputation
Configuring Web Reputation Settings
Application Filters
Configuring Application Filter Settings
Deny List / Allow List
Deny List / Allow List Format Rules
Configure Deny Lists / Allow Lists
Configuring Deny Lists / Allow Lists
Format Rules for Importing Deny Lists / Allow Lists
Exporting Custom Deny Lists / Allow Lists
Importing Custom Deny Lists / Allow Lists
Detection Rules
Configuring Detection Rules Settings
Packet Capture
Adding a Packet Capture Rule
Detection Exceptions
Configuring Detection Exceptions
Virtual Analyzer
Virtual Analyzer Setup
Enabling Virtual Analyzer
File Submissions
Certified Safe Software Service
File Submission Rules
File Submission Rule Types and Criteria
File Submission Rules Screen
Adding a File Submission Rule
Internal Virtual Analyzer
Sandbox Management
Virtual Analyzer Status
Virtual Analyzer Images
Image Preparation
Importing an Image
Importing an Image Using the Virtual Analyzer Image Import Tool
Modify Instances
Modifying Instances
Deleting Instances
Archive Passwords
Adding an Archive Password
Sandbox for macOS
YARA Rules
Creating a YARA Rule File
Adding a YARA Rule File
Editing a YARA Rule File
Deleting a YARA Rule File
Exporting a YARA Rule File
Network Groups and Assets
Adding Network Groups
Adding Registered Domains
Adding Registered Services
Importing/Exporting Configuration Settings
Integrated Products/Services
Integrated Trend Micro Products/Services
Trend Micro Vision One
Registering to Trend Micro Vision One
Unregistering from Trend Micro Vision One
Apex Central
Apex Central Components
Registering to Apex Central
Unregistering from Apex Central
Managing the Connection with Apex Central
Deep Discovery Director
Registering to Deep Discovery Director
Unregistering from Deep Discovery Director
Threat Investigation Center
Integrating Threat Investigation Center
Threat Intelligence Sharing
Configuring Threat Intelligence Sharing Settings
Inline Products/Services
Trend Micro TippingPoint Security Management System (SMS)
Configuring Trend Micro TippingPoint Security Management System (SMS)
Check Point Open Platform for Security (OPSEC)
Configuring Check Point Open Platform for Security (OPSEC)
Preconfiguring a Security Gateway
Configuring a Secured Connection
IBM Security Network Protection
Configuring IBM Security Network Protection
Palo Alto Panorama or Firewalls
Configuring Palo Alto Panorama or Firewalls
SAML Authentication
Service Provider Metadata and Certificate
Configuring Identity Provider Settings
Configuring Okta
Configuring Active Directory Federation Services
Configuring Endpoints for Single Sign-on through AD FS
Microsoft Active Directory
Configuring Microsoft Active Directory Integration
Syslog
Adding a Syslog Server
Mitigation Products/Services
Enabling/Disabling Mitigation Products/Services Enforcement
Registering to Mitigation Products/Services
Unregistering from Mitigation Products/Services
Configuring Mitigation Exceptions
System Settings
Network
Network Interface
Proxy
Configuring a Proxy Server
SMTP
Configuring SMTP Settings
SNMP
Configuring SNMP Trap Mode
Configuring SNMP Agent Mode
HTTPS Certificate
Generating an HTTPS Certificate
Importing an HTTPS Certificate
Time
Configuring Time Options
Session Timeout
Configuring Session Timeout
Accounts
About Accounts
User Roles and Menu Item Permissions
Adding a Local Account
Adding an Active Directory Account
Adding a SAML Account
Editing an Account
Resetting an Account Password
Deleting an Account
Unlocking an Account
System Logs
Querying System Logs
System Maintenance
Storage Maintenance
Performing Storage Maintenance
Performing Product Database Maintenance
Configuring File Size Settings
Backup / Restore
Backing Up File Settings
Importing File Settings
Restoring Default Settings
Power Off / Restart
Restarting Deep Discovery Inspector
Powering Off Deep Discovery Inspector
Licenses
Activation Codes
Product Version
Deep Discovery Inspector License Expiry
Activating or Renewing Licenses
Troubleshoot
Frequently Asked Questions (FAQs)
FAQs - Appliance Rescue
FAQs - Configuration
FAQs - Detections
FAQs - Installation
FAQs - Upgrade
FAQs - Virtual Analyzer Image
Troubleshooting
Slow Management Console Response
Detections
No Detections on All Detections Screen
"Unregistered Service" Server Displays in All Detections Query
Unknown IP Addresses Display on a Screen
Known Safe Objects Flagged as Malicious
"Database is Corrupt" Alert Displays
Virtual Analyzer
Cannot Upload OVA
No Virtual Analyzer Response to File Submissions
Virtual Analyzer Images
Installation CD/DVD Won't Start
"Found New Hardware" Wizard
An Image Displays a Blue Screen
Cannot Connect to Network Services
Diagnostics
Technical Support
Troubleshooting Resources
Using the Support Portal
Threat Encyclopedia
Contacting Trend Micro
Speeding Up the Support Call
Sending Suspicious Content to Trend Micro
Email Reputation Services
File Reputation Services
Web Reputation Services
Other Resources
Download Center
Documentation Feedback
Appendices
Virtual Analyzer Supported File Types
Settings Replicated by Deep Discovery Director
TLS Support for Integrated Products/Services
Service Addresses and Ports
documentation feedback
[1]
support
resolve issues faster
[1]
Search
Toggle search result highlighting
Component Updates
Download and deploy product components used to scan for and detect network threats. Because
Trend Micro
frequently creates new component versions, perform regular updates to address the latest threats.
Related information
Components to Update
Component Update Methods
Component Update Tasks
Manual Updates
Scheduled Updates
Update Source