Integrating Threat Investigation Center Parent topic

The following steps integrate Threat Investigation Center via a built-in agent.
Additional steps may need to be performed on Threat Investigation Center. For details, see the Threat Investigation Center documentation.

Procedure

  1. Open the Deep Discovery Inspector management console, and go to the AdministrationIntegrated Products/ServicesThreat Investigation Center.
    The Threat Investigation Center screen appears.
  2. Click Add.
    The Add Threat Investigation Center Server window appears.
  3. Select Enabled.
  4. In Server address, type the HTTPS log server address for Threat Investigation Center.
  5. (Optional) Enable File retrieval.
    Note
    Note
    When file retrieval is enabled, Threat Investigation Center collects the investigation package and packet capture files from Deep Discovery Inspector. This feature is available when Deep Discovery Inspector is registered to Threat Investigation Center.
  6. (Optional) Enable Use CA certificate and then click Select to select the Threat Investigation Center CA certificate.
    Note
    Note
    Using a CA certificate is optional. A certificate is necessary when there is a man-in-the-middle appliance between the Threat Investigation Center server and Deep Discovery Inspector.
  7. (Optional) Enable Use the system proxy settings.
    Note
    Note
    Configure the system proxy settings at AdministrationSystem SettingsProxy.
  8. (Optional) Click Test Connection to verify the connection to the Threat Investigation Center server.
  9. Click Save.