  • about
    • Maintenance Agreement [1]
  • about screen
    • Deep Discovery Web Inspector product information [1]
    • viewing firmware version [1]
    • viewing product information [1]
  • accessing
    • Command Line Interface [1]
    • deployment wizard [1]
    • management console [1]
    • using the CLI to configure management console [1]
  • access logs
    • sending to a syslog server [1]
  • access syslog
    • benefits, sending to a syslog server [1]
  • accounts [1]
    • adding [1]
    • adding Active Directory user, for notifications/reports [1]
    • adding for console access [1]
    • adding local user [1]
    • administration [1]
    • editing [1]
    • managing [1]
    • role-based access [1]
    • role classifications [1]
    • using for console access [1]
    • See also local user accounts
  • actions
    • configuring for policies [1]
  • activating
    • product licenses [1]
  • activating license
    • during deployment [1]
  • activation code
    • finding in license description [1]
    • requirements [1]
  • activation codes
    • for licenses [1]
  • Active Directory
    • Active Directory Services providing integration with [1]
    • adding user accounts for notifications/reports [1]
    • authentication using Active Directory Services integration [1]
    • configuring authentication policies for Active Directory Services [1]
    • configuring global authentication settings using [1]
    • enabling authentication using [1]
    • Services, adding domains to [1]
    • Services, managing domains [1]
    • using for authentication with Captive Portal [1]
  • Active Directory Services
    • configuring authentication policies for [1]
    • integration for authentication using Active Directory [1]
    • managing authentication policies [1]
    • managing domains [1]
    • providing integration with Microsoft Active Directory [1]
  • adding
    • accounts [1]
    • Active Directory Services authentication policies [1]
    • Active Directory Services domains [1]
    • approved/blocked lists [1]
    • bypass/redirect policy entries [1]
    • certificate exceptions [1] [2]
    • custom pattern for intelligent decryption [1]
    • digital certificates [1]
    • domain objects [1] [2]
    • domains to Active Directory Services [1]
    • HTTPS decryption rules [1] [2]
    • inactive CA certificates [1]
    • local user accounts [1]
    • network objects [1] [2]
    • policies [1] [2]
    • second bypass adapter [1] [2]
    • Server IP addresses, domains, URLs, file (SHA1)s to the approved/blocked lists [1]
    • static routes [1] [2]
    • synchronized suspicious objects to the approved/blocked lists [1]
    • trusted CA certificates [1]
    • untrusted CA certificates [1]
    • widgets to tabs [1]
  • admin
    • default account [1]
  • administration [1] [2] [3] [4] [5]
    • accounts, adding accounts [1]
    • accounts, adding local user accounts [1]
    • accounts, editing accounts or changing passwords on accounts [1]
    • accounts, managing accounts [1]
    • accounts, role classifications [1]
    • accounts / contacts, overview [1]
    • adding Active Directory user accounts for notifications/reports [1]
    • admin account [1]
    • back up settings [1] [2]
    • components [1]
    • components updates, rolling back updates [1]
    • component updates [1]
    • component updates, list of components [1]
    • component updates, scheduling updates [1]
    • component updates, updating components [1]
    • configure integration with Deep Discovery Analyzer [1]
    • deployment wizard [1]
    • deployment wizard, accessing [1]
    • deployment wizard, configuring forward proxy mode [1]
    • deployment wizard, configuring LACP deployments [1]
    • deployment wizard, configuring multi-bridge mode [1]
    • deployment wizard, configuring transparent bridge mode [1]
    • deployment wizard, configuring transparent HA mode [1]
    • hotfixes [1]
    • integrated products/services [1]
    • integrated products/services, adding a detection syslog server [1]
    • integrated products/services, Apex Central [1]
    • integrated products/services, Apex Central tasks [1]
    • integrated products/services, configuring threat intelligence sharing settings [1]
    • integrated products/services, log settings [1] [2] [3]
    • integrated products/services, overview of integration with Apex Central [1]
    • integrated products/services, overview of integration with Deep Discovery Director [1]
    • integrated products/services, registering Apex Central [1]
    • integrated products/services, threat intelligence sharing overview [1]
    • integrated products/services, unregistering Apex Central [1]
    • integrated products/services, unregistering from Deep Discovery Director [1]
    • integrated products/services, viewing Deep Discovery Director integration information [1]
    • licenses [1]
    • licenses, activating product licenses [1]
    • licenses, managing product licenses [1]
    • licenses, product license description [1]
    • licenses, product license statuses [1]
    • licenses, viewing product licenses [1]
    • managing contacts [1]
    • product updates, hotfixes and patches overview [1]
    • product upgrades, firmware upgrades [1]
    • product upgrades, managing patches [1]
    • reasons to perform backups [1]
    • restore settings [1] [2]
    • system maintenance [1] [2]
    • system maintenance, backing up or restoring a configuration [1]
    • system maintenance, bypass/redirect policy priorities and precedence [1]
    • system maintenance, configuring bypass/redirect policies [1]
    • system maintenance, configuring bypass policies [1]
    • system maintenance, configuring debug log level [1]
    • system maintenance, configuring redirect policies [1]
    • system maintenance, enabling/disabling bypass mode [1]
    • system maintenance, exporting and downloading debug files [1]
    • system maintenance, exporting debug or error logs [1]
    • system maintenance, network packet capture [1] [2]
    • system maintenance, network services diagnostics [1]
    • system maintenance, storage log deletion settings [1] [2]
    • system maintenance, storage maintenance settings [1]
    • system maintenance, testing network connections [1]
    • system settings [1]
    • system settings, adding static routes [1]
    • system settings, authentication certificates [1]
    • system settings, configuring network settings [1]
    • system settings, configuring proxy settings [1]
    • system settings, configuring system time [1]
    • system settings, managing static routes [1]
    • system settings, notification SMTP server [1]
    • system settings, X-Header handling [1]
    • unable to restore settings [1] [2]
    • Virtual Analyzer [1]
    • Virtual Analyzer, configuring network connections for [1]
    • Virtual Analyzer, deleting images [1]
    • Virtual Analyzer, image preparation overview [1]
    • Virtual Analyzer, image status and information [1]
    • Virtual Analyzer, importing images [1]
    • Virtual Analyzer, importing images from HTTP or FTP server [1]
    • Virtual Analyzer, importing images from local source [1]
    • Virtual Analyzer, modifying instances [1]
    • Virtual Analyzer, network types [1]
    • Virtual Analyzer, overall statuses [1]
    • Virtual Analyzer, suspicious object scanning overview [1] [2]
    • Virtual Analyzer, viewing status [1]
    • Virtual Analyzer integration with Deep Discovery Analyzer [1]
  • administrator accounts
  • admin menu
  • advanced detection
    • benefits of [1]
  • advanced filter list
    • detected by [1]
  • advanced filters
    • detected by, field in list of [1]
  • advanced persistent threats
    • attack sequence [1]
    • information about [1]
    • protection against [1]
  • advanced search filters
    • applying saved [1]
    • creating and editing [1]
  • advanced threat detections in specified network groups
    • critical alerts [1]
    • parameters for alert [1]
  • Advanced Threat Indicators
  • advanced threats
    • Advanced Threat Indicators widget [1]
  • Advanced Threat Scan Engine [1]
  • agreement
    • maintenance [1]
  • alert rules
    • configuring alert notifications [1]
    • modifying [1]
    • overview [1]
  • alerts [1]
    • adding contacts for receiving [1]
    • configuring alert notifications [1]
    • contacts for receiving [1]
    • critical alerts [1] [2]
    • informational and important alerts [1] [2]
    • managing triggered [1]
    • notification parameters [1]
    • notification parameters for critical [1]
    • notification parameters for important and informational alerts [1]
    • overview [1]
    • viewing, deleting, or exporting triggered [1]
    • viewing triggered [1]
  • Android device bypass
    • enabling or disabling [1]
  • Anti-Botnet
    • detected by [1]
  • anti-malware (ATSE)
    • detected by [1]
  • anti-malware (SAL)
    • detected by [1]
  • anti-malware (SIE)
    • detected by [1]
  • Apex Central
    • checking connection status [1]
    • consideration when used with threat intelligence sharing [1]
    • integration with [1]
    • managing tasks [1]
    • overview [1]
    • overview of integration with [1]
    • preparing for deployment [1]
    • providing synchronized suspicious objects integration with [1]
    • registering [1]
    • support for synchronizing suspicious objects with [1]
    • synchronize suspicious objects [1]
    • unregistering [1]
    • viewing suspicious objects synchronized from [1]
    • what functionality is integrated with [1]
  • appliance
    • setting up for deployment [1]
  • approved/blocked lists
    • adding Server IP addresses, domains, URLs, file (SHA1)s to the [1]
    • adding synchronized suspicious objects to the [1]
    • managing [1]
    • viewing, adding, editing, importing, exporting [1]
  • approved list
  • APT [1]
    • See also advanced persistent threats
  • ATSE [1] [2]
  • attacker [1]
  • audit
    • viewing audit logs [1]
  • audit logs
    • list of what is audited [1]
    • overview [1]
    • viewing [1]
  • authentication
    • configuring global settings for Active Directory [1]
    • managing domains for Active Directory Services used for [1]
    • policies
      • configuring authentication policies for Active Directory Services [1]
    • policies, configuring for Active Directory Services [1]
    • policies, managing Active Directory Services [1]
    • using Active Directory for authentication with Captive Portal [1]
    • using Active Directory Services for [1]
  • authentication certificates
  • authentication policies
    • adding, viewing, modifying, duplicating, removing, and ordering Active Directory Services [1]
    • configuring for Active Directory Services [1]
    • enabling or disabling Active Directory Services [1]
    • managing Active Directory Services [1]
  • auto tunneling
    • HTTP decryption rules [1]
  • auto tunnels
    • managing in the HTTPS domain tunnel list [1]
  • backup [1] [2]
  • backups
    • creating to restore configuration or replicate settings across devices [1]
  • bandwidth
    • Bandwidth Status widget [1]
  • Bandwidth Status
  • basic search filters
    • detections [1]
  • benefits
    • advanced detection [1]
    • description of [1]
    • easy-to-use policy management [1]
    • flexible deployment [1]
    • HTTP/2 scanning [1]
    • HTTPS inspection [1]
    • patient zero protection [1]
    • real-time visibility, analysis, action [1]
    • send access syslogs to a syslog server [1]
    • Virtual Analyzer sandbox analysis [1]
  • blocked list
  • blocked URLs
    • detected by [1]
  • Bot Pattern [1]
  • bridge mode
    • configuring redirect and bypass policies [1]
  • browsers
    • supported [1] [2]
    • supported for deployment [1]
  • bypass
    • policies, configuring [1]
  • bypass/redirect policies
    • viewing, adding, editing, importing/exporting, deleting entries [1]
  • bypass adapter
  • bypass mode
    • enabling or disabling [1]
  • bypass policies
    • configuring [1]
    • configuring for bridge mode [1]
    • managing [1]
    • priorities and precedence [1]
  • C&C [1]
  • C&C Callback Detections Over Time
  • C&C callbacks
    • C&C Callback Detections Over Time widget [1]
    • threat indicator [1]
  • C&C callbacks detected in specified network groups
    • critical alerts [1]
    • parameters for alert [1]
  • cables
    • requirements [1]
  • callback [1]
  • Captive Portal
    • configuring global authentication settings for [1]
    • global authentication global for [1]
    • overview [1]
    • using Active Directory Services for authenticating with [1]
  • capture
    • See network packet capture
  • capturing
    • network packet captures [1]
  • certificate exceptions
    • adding/editing [1]
    • managing [1]
  • certificates
    • adding/editing certificate exceptions [1]
    • importing authentication certificates [1]
    • managing certificate exceptions [1]
    • managing inactive CA certificates [1]
    • managing trusted CA certificates [1]
    • managing untrusted CA certificates [1]
  • changing
  • changing passwords
    • on accounts [1]
  • classifications
    • account role [1]
    • detected by [1]
  • CLI [1]
    • See also Command Line Interface
  • clients
    • installing the Deep Discovery Web Inspector CA certificate on clients [1]
  • coin miners detected in specified network groups
    • parameters for alert [1]
  • command-and-control [1]
  • command line interface
    • entering the shell environment [1]
    • using to configure management console access [1]
  • Command Line Interface
  • components
    • list of updateable [1]
    • rolling back [1]
    • updates [1]
    • updating [1]
  • components updates
    • rolling back updates [1]
  • component update or rollback failed
    • important alerts [1]
    • parameters for alert [1]
  • component updates
    • administration [1]
    • list of updateable components [1]
    • updating components [1]
  • configuration settings
    • backup or restore [1]
  • configuring
    • authentication policies for Active Directory Services [1]
    • debug log levels [1]
    • forward proxy mode using deployment wizard [1]
    • global authentication settings [1]
    • iOS/Android device bypass [1]
    • LACP transparent HA or transparent bridge deployments [1]
    • management console access [1]
    • multi-bridge mode using deployment wizard [1]
    • network settings [1]
    • notification SMTP servers [1]
    • NTP servers [1]
    • proxy settings [1]
    • system time [1]
    • threat intelligence sharing settings [1]
    • transparent bridge mode using deployment wizard [1]
    • transparent HA mode using deployment wizard [1]
    • using the management console [1]
    • X-Header handling settings [1]
  • connections
    • Connection Status widget [1]
  • connection status
    • Apex Central [1]
  • Connection Status
  • considerations
    • pre-deployment [1]
  • console access
    • adding accounts for [1]
    • using accounts for [1]
  • console navigation [1]
  • contacts
    • adding for notifications, alerts, and reports [1]
    • administration [1]
    • for receiving alerts and reports [1]
    • managing [1]
    • using for scheduled reports [1]
  • content format parameters
    • syslog server profile [1]
  • CPU usage
    • Hardware Status widget [1]
  • creating
    • backups for restoring configuration or to replicate settings across devices [1]
  • critical alerts
    • configuring notifications for [1]
    • default alert frequency [1]
    • default criteria [1]
    • information about [1]
    • names of [1]
    • notification parameters for [1]
    • overview [1]
    • viewing triggered alerts [1]
  • CSR
    • generating for HTTPS decryption rules [1] [2]
  • custom network
    • configuring for Virtual Analyzer network connections [1]
    • Virtual Analyzer network type [1]
  • custom pattern
    • adding for intelligent decryption [1]
  • dashboard [1]
    • adding widgets [1]
    • dashboard
    • default tabs [1]
    • default view [1]
    • list of widgets [1]
    • managing tabs [1]
    • managing widgets [1]
    • overview [1]
    • System Status tab [1]
    • System Status tab, Bandwidth Status widget [1]
    • System Status tab, Connection Status widget [1]
    • System Status tab, Hardware Status widget [1]
    • System Status tab, Traffic Status widget [1]
    • tabs [1]
    • Threat Monitoring tab [1]
    • Threat Monitoring tab, Advanced Threat Indicators widget [1]
    • Threat Monitoring tab, C&C Callback Detections Over Time widget [1]
    • Threat Monitoring tab, Ransomware Detections Over Time widget [1]
    • Threat Monitoring tab, Top Affected Users widget [1]
    • Threat Monitoring tab, Top Detected URLs widget [1]
    • Threat Monitoring tab, Virtual Analyzer Sandbox Analysis widget [1]
    • Virtual Analyzer Status tab, Virtual Analyzer Average Processing Time widget [1]
    • Virtual Analyzer Status tab, Virtual Analyzer Queue widget [1]
    • Virtual Analyzer tab [1]
    • Virtual Analyzer tab, Suspicious Objects from Virtual Analyzer widget [1]
    • widgets [1]
  • date
    • manually setting [1]
  • debug files
    • exporting and downloading [1]
  • debug log levels
    • configuring [1]
  • debug logs
    • exporting [1]
  • decryption categories
    • HTTP decryption rules [1]
  • decryption domain objects
    • HTTP decryption rules [1]
  • decryption rules
    • for HTTPS, overview [1]
    • viewing HTTPS [1]
  • decryption sources
    • HTTP decryption rules [1]
  • Deep Discovery Analyzer
    • configuring integration with [1]
    • integration with [1]
    • providing virtual analysis by integration with [1]
    • Virtual Analyzer external integration with [1]
    • Virtual Analyzer scanning using [1]
  • Deep Discovery Analyzer integration [1]
  • Deep Discovery Director
    • consideration when used with threat intelligence sharing [1]
    • integration with [1]
    • overview of integration with [1]
    • providing centralized management by integration with [1]
    • providing synchronized suspicious objects integration with [1]
    • support for synchronizing suspicious objects with [1]
    • viewing information about integration with [1]
    • viewing suspicious objects synchronized from [1]
  • Deep Discovery Malware Pattern [1]
  • Deep Discovery Trusted Certificate Authorities [1]
  • default
    • dashboard view [1]
    • widgets displayed in predefined tabs [1]
  • default account
  • default policy
    • how it works [1]
    • overview [1]
    • what you can and cannot do with [1]
  • delete admin accounts [1]
  • deleting
    • bypass/redirect policies [1]
    • certificate exceptions [1]
    • digital certificates [1]
    • inactive CA certificates [1]
    • static routes [1]
    • triggered alerts [1]
    • trusted CA certificates [1]
    • untrusted CA certificates [1]
    • Virtual Analyzer images [1]
  • deleting, editing, adding
  • deploying
    • forward proxy mode using deployment wizard [1]
    • LACP using deployment wizard [1]
    • multi-bridge mode using deployment wizard [1]
    • transparent bridge mode using deployment wizard [1]
    • transparent HA mode using deployment wizard [1]
  • deployment [1]
    • activating the license [1]
    • Apex Central [1]
    • benefits of flexible [1]
    • browser and system requirements [1]
    • deployment mode overview [1]
    • enabling and starting SSH service [1]
    • forward proxy mode [1]
    • initial deployment for LACP [1]
    • initial deployment of forward proxy mode [1]
    • initial deployment of multi-bridge mode [1]
    • initial deployment of transparent bridge mode [1]
    • initial deployment of transparent HA mode [1]
    • items to prepare [1]
    • LACP [1]
    • multi-bridge mode [1]
    • opening the management console [1]
    • ports used by appliance [1]
    • recommended network environment [1]
    • setting up the appliance [1]
    • setting up the hardware [1]
    • tasks to perform before [1]
    • transparent bridge mode [1] [2]
    • transparent bridge mode with trunks [1]
    • transparent HA [1]
    • transparent HA mode [1]
    • transparent HA mode with trunk links [1]
    • using CLI to configure management console access [1]
    • using the deployment wizard [1]
  • deployment mode
    • forward proxy [1]
    • multi-bridge [1]
    • transparent bridge [1] [2]
    • transparent bridge with trunk links [1]
    • transparent bridge with trunks [1]
    • transparent HA [1] [2] [3]
    • transparent HA with trunk links [1]
    • with LACP [1]
  • deployment modes
    • ports used for each mode [1]
  • deployment wizard
    • accessing [1]
    • accessing and configuring deployments using the [1]
    • configuring forward proxy mode [1]
    • configuring LACP deployments [1]
    • configuring multi-bridge mode [1]
    • configuring transparent bridge mode [1]
    • configuring transparent HA mode [1]
    • initial deployment for LACP [1]
    • initial deployment of forward proxy mode [1]
    • initial deployment of multi-bridge mode [1]
    • initial deployment of transparent bridge mode [1]
    • initial deployment of transparent HA mode [1]
    • performing initial deployment [1]
  • detected by
    • advanced filter [1]
    • classifications [1]
    • classifications for detection [1]
  • detection [1]
  • detection details
    • investigating [1]
    • list of [1]
  • detection logs
    • sending to a syslog server [1]
  • detections [1]
    • advanced filters, detected by [1]
    • applying saved advanced search filters [1]
    • basic search filters [1]
    • creating advanced search filters [1]
    • detected by classifications [1]
    • editing existing advanced search filters [1]
    • investigating details about [1]
    • list of detection details [1]
    • overview about viewing [1]
    • overview about viewing suspicious objects [1]
    • risk levels [1] [2]
    • suspicious domain objects [1]
    • suspicious file objects [1]
    • suspicious IP address objects [1]
    • suspicious URL objects [1]
    • threat indicator classifications [1]
    • threat indicators [1]
    • viewing all [1]
    • viewing file [1]
    • viewing for affected users [1]
    • viewing synchronized suspicious objects [1]
    • viewing URL [1]
    • Virtual Analyzer risk levels [1]
  • detection syslog servers
  • diagnostics
    • system maintenance, network services diagnostics [1]
  • digital certificate exceptions
    • information about [1]
  • digital certificates
    • information about [1]
    • information about trusted, untrusted, inactive, and exception lists [1]
    • managing [1]
    • managing trusted, untrusted, inactive, exception lists [1]
  • disabling
    • bypass mode [1]
  • disk usage
    • Hardware Status widget [1]
  • documentation feedback [1]
  • domain objects
    • how used in policies [1]
    • managing [1]
    • selecting for policies [1]
    • viewing, adding, editing, removing, importing, exporting [1]
  • domains
    • adding to Active Directory Services [1]
    • enabling authentication using Active Directory Services for added [1]
    • managing, for Active Directory Services [1]
    • suspicious objects found by Virtual Analyzer [1]
  • domain tunnels
    • purpose for HTTPS [1]
  • download and view
    • threat intelligence data file [1]
  • Download Center
    • downloading firmware [1]
    • downloading patches and hotfixes [1]
    • URL [1] [2]
  • downloader [1]
  • downloading
    • debug files [1]
    • network packet captures [1]
    • patches and hotfixes [1]
  • duplicating
    • Active Directory Services authentication policies [1]
    • HTTPS decryption rules [1]
    • policies [1]
  • edit admin account [1]
  • editing
    • accounts [1]
    • approved/blocked lists [1]
    • bypass/redirect policies [1]
    • certificate exceptions [1] [2]
    • domain objects [1] [2]
    • HTTPS decryption rules [1] [2]
    • network objects [1] [2]
    • notifications [1] [2]
  • enabling
    • authentication using Active Directory Services [1]
    • bypass mode [1]
  • enabling and starting
    • SSH service [1]
  • enabling or disabling
    • HTTPS decryption rules [1]
    • policies [1]
  • entering
    • Command Line Interface [1]
  • error codes
    • HTTPS, why HTTPS domain tunnels are created in response to [1]
  • error logs
    • exporting [1]
  • Ethernet cables
    • requirements [1]
  • exceptions
    • digital certificates [1]
    • digital certificates, information about [1]
    • viewing HTTPS tunnel [1]
  • exfiltrate [1]
  • expiration date
    • finding in license description [1]
  • exporting
    • approved/blocked lists [1]
    • bypass/redirect policies [1]
    • debug files [1]
    • domain objects [1]
    • network objects [1]
    • triggered alerts [1]
  • export settings [1]
  • external integration
    • Virtual Analyzer with Deep Discovery Analyzer [1]
  • features
    • Active Directory Services, providing integration with Microsoft Active Directory [1]
    • advanced detection [1]
    • description of [1]
    • easy-to-use policy management [1]
    • flexible deployment [1]
    • HTTP/2 scanning [1]
    • HTTPS inspection [1]
    • integration with Apex Central [1]
    • integration with Deep Discovery Analyzer [1]
    • integration with Deep Discovery Director [1]
    • patient zero protection [1]
    • real-time visibility, analysis, action [1]
    • send access syslogs to a syslog server [1]
    • Virtual Analyzer sandbox analysis [1]
  • files
    • suspicious objects found by Virtual Analyzer [1]
    • viewing detections [1]
  • file types
    • how used in policies [1]
    • policies, list when creating [1]
    • selecting for policies [1]
  • firmware
    • downloading and updating [1]
  • firmware version
    • use about screen to view [1]
  • forward proxy
    • deployment mode, topology overview [1]
    • mode overview [1]
    • requirements [1]
  • forward proxy mode
    • accessing the deployment wizard to deploy [1]
    • configuring using deployment wizard [1]
    • initial configuration using the deployment wizard [1]
    • initial deployment using deployment wizard [1]
    • using the deployment wizard to deploy [1]
  • FTP servers
    • importing Virtual Analyzer images from [1]
  • generating
    • CSR for HTTPS decryption rules [1] [2]
    • on-demand reports [1]
  • getting started [1]
    • console navigation [1]
    • getting started tasks [1]
    • opening the management console [1]
    • tasks [1]
  • guest user
    • selecting as traffic source for policies [1]
  • hardware
    • Hardware Status widget [1]
    • setting up for deployment [1]
  • Hardware Status
  • high CPU usage
    • important alerts [1]
    • parameters for alert [1]
  • high memory usage
    • important alerts [1]
    • parameters for alert [1]
  • hotfixes
  • hot fixes
  • HTTP/2 scanning
  • HTTP decryption rules
    • generating a CSR for [1]
  • HTTPS
    • overview of decryption rules for [1]
  • HTTPS decryption rules
    • managing [1]
    • overview [1]
    • viewing [1]
    • viewing, adding, editing, duplicating, removing, ordering, creating CSR file for [1]
  • HTTPS domain tunnels
    • definition [1]
    • exception list [1]
    • managing [1]
    • overview [1]
    • purpose for [1]
    • tunneled domains List [1]
    • viewing [1]
  • HTTPS error codes
    • why HTTPS domain tunnels are created in response to [1]
  • HTTP servers
    • importing Virtual Analyzer images from [1]
  • HTTPS inspection
    • benefits and features [1]
    • configuring HTTPS decryption rules [1]
    • managing [1]
    • managing digital certificates [1]
    • managing HTTPS tunnels [1]
    • managing intelligent decryption [1]
    • overview [1] [2]
  • HTTPS Inspection
    • adding custom pattern for intelligent decryption [1]
    • managing intelligent decryption [1]
    • overview of HTTPS domain tunnels [1]
    • viewing information about tunnels [1]
  • HTTPS policy certificates
    • using as the authentication certificate [1]
  • HTTPS tunnel exceptions
  • HTTPS tunnels
    • exception list [1]
    • managing [1]
    • overview [1]
    • tunneled domains List [1]
  • image import tool
    • Virtual Analyzer, using to import from local source [1]
  • image preparation
    • Virtual Analyzer, overview of [1]
  • image preparation tool
    • Virtual Analyzer, overview of [1]
  • images
    • importing for internal virtual analyzer [1]
    • viewing status for Virtual Analyzer [1]
    • Virtual Analyzer, deleting [1]
    • Virtual Analyzer, importing [1]
    • Virtual Analyzer, importing from HTTP or FTP server [1]
    • Virtual Analyzer, importing from local source [1]
    • Virtual Analyzer, names of [1]
    • Virtual Analyzer scanning using [1]
  • important alerts
    • configuring notifications for [1]
    • default alert frequency [1]
    • default criteria [1]
    • information about [1]
    • names of [1]
    • notification parameters for [1]
    • overview [1]
    • viewing triggered alerts [1]
  • importing
    • approved/blocked lists [1]
    • bypass/redirect policies [1]
    • domain objects [1]
    • internal virtual analyzer images [1]
    • network objects [1]
    • Virtual Analyzer images [1]
    • Virtual Analyzer images from HTTP or FTP server [1]
    • Virtual Analyzer images from local source [1]
  • importing certificates
    • HTTP decryption rules [1]
  • import settings [1]
  • inactive
    • digital certificates [1]
    • digital certificates, information about [1]
  • inactive CA certificates
  • information about
    • digital certificates [1]
  • informational alerts
    • configuring notifications for [1]
    • default alert frequency [1]
    • default criteria [1]
    • information about [1]
    • names of [1]
    • notification parameters for [1]
    • overview [1]
    • viewing triggered alerts [1]
  • initial deployment
    • using the deployment wizard [1]
  • installation
    • getting started [1]
  • installing
    • firmware upgrades [1]
    • patches and hotfixes [1]
  • instances
    • number deployed for Virtual Analyzer images [1]
    • Virtual Analyzer, modifying [1]
  • integrated products/services
    • adding a detection syslog server [1]
    • administration of [1]
    • Apex Central, managing tasks [1]
    • Apex Central, overview [1]
    • configuring threat intelligence sharing settings [1]
    • log settings, configuring a detection syslog server [1]
    • overview of integration with Apex Central [1]
    • overview of integration with Deep Discovery Director [1]
    • registering Apex Central [1]
    • threat intelligence sharing overview [1]
    • unregistering Apex Central [1]
    • unregistering from Deep Discovery Director [1]
    • viewing information about Deep Discovery Director integration [1]
  • integration [1]
    • with Apex Central [1]
    • with Deep Discovery Analyzer [1]
    • with Deep Discovery Director [1]
    • with Microsoft Active Directory with Active Directory Services [1]
  • intelligent decryption
    • adding custom pattern for [1]
    • HTTP decryption rules [1]
    • managing [1]
    • overview [1]
  • IntelliTrap Exception Pattern [1]
  • IntelliTrap Pattern [1]
  • internal virtual analyzer
    • importing images [1]
  • introduction [1]
    • Deep Discovery Web Inspector [1]
    • new threat landscapes [1]
  • investigating
    • details about a detection [1]
  • iOS device bypass
    • enabling or disabling [1]
  • IP addresses
    • requirements [1]
    • suspicious objects found by Virtual Analyzer [1]
  • LACP
    • adding second bypass adapter for [1] [2]
    • configuring transparent bridge using deployment wizard [1]
    • configuring transparent HA using deployment wizard [1]
    • deployment modes that support [1]
    • graphical representation of LACP on appliance [1]
    • how LACP works with Deep Discovery Web Inspector [1]
    • initial configuration using the deployment wizard [1]
    • initial deployment of transparent bridge mode with [1]
    • initial deployment using deployment wizard [1]
    • support information [1]
    • topology and overview [1]
    • transparent bridge with trunks, mode overview [1]
    • transparent HA mode topology using LACP trunks [1]
  • LACP deployments
    • deployment mode, topology overview [1]
    • overview and topology [1]
  • license
    • activating during deployment [1]
  • license expiration
    • critical alerts [1]
    • parameters for alert [1]
  • licenses
    • activating product [1]
    • activation codes [1]
    • maintaining [1]
    • maintenance agreement [1]
    • managing product [1]
    • product license description [1]
    • product license statuses [1]
    • viewing product [1]
  • license type and seats
    • finding in license description [1]
  • Link Aggregation Control Protocol
    • See LACP
  • list
    • of license statuses [1]
    • of notification message tokens [1]
    • of user notifications [1]
  • lists
    • approved/blocked [1]
  • local or network folders
    • importing Virtual Analyzer images from [1]
  • local user accounts
    • adding for console access [1]
  • logs
    • audit logs [1]
    • configuring log deletion settings for storage maintenance [1]
    • exporting debug or error [1]
    • viewing audit logs [1]
  • log settings
    • configuring for detection syslog server [1]
    • to send access logs to a syslog server [1]
    • to send detection violation logs to a syslog server [1]
  • low free disk space
    • important alerts [1]
    • parameters for alert [1]
  • maintenance
    • agreement [1]
    • for licensed products [1]
    • maintenance agreement [1]
    • product licenses [1]
    • storage, configuring log deletion settings [1]
  • maintenance agreement [1]
  • Maintenance Agreement
  • management
    • Virtual Analyzer [1]
  • management console
    • navigation [1]
    • opening the [1]
    • using the CLI to configure [1]
  • management network
    • configuring for Virtual Analyzer network connections [1]
    • Virtual Analyzer network type [1]
  • management port [1]
  • managing
    • accounts [1]
    • Active Directory Services authentication policies [1]
    • Apex Central tasks [1]
    • approved/blocked lists [1]
    • authentication certificates [1]
    • bypass/redirect policies [1]
    • certificate exceptions [1]
    • contacts [1]
    • dashboard tabs [1]
    • dashboard widgets [1]
    • digital certificates [1]
    • domain objects [1]
    • domains for Active Directory Services [1]
    • HTTPS decryption rules [1]
    • HTTPS domain tunnels [1]
    • HTTPS inspection [1]
    • HTTPS tunnels [1]
    • inactive CA certificates [1]
    • intelligent decryption [1]
    • network objects [1]
    • notifications [1] [2]
    • policies [1]
    • product licenses [1]
    • static routes [1]
    • triggered alerts [1]
    • trusted CA certificates [1]
    • untrusted CA certificates [1]
    • user-defined settings [1]
    • using the management console [1]
  • maximum throughput
    • expected for each appliance model [1]
  • memory usage
    • Hardware Status widget [1]
  • Microsoft Active Directory [1]
    • See also Active Directory
  • modifying
    • Active Directory Services authentication policies [1]
    • Active Directory Services domains [1]
    • alert rules [1]
    • policies [1]
    • Virtual Analyzer instances [1]
  • moving
    • digital certificates [1]
    • inactive CA certificates [1]
    • trusted CA certificates [1]
    • untrusted CA certificates [1]
  • multi-bridge mode
    • adding second bypass adapter for [1] [2]
  • multi-bridge
    • deployment mode, topology overview [1]
    • mode overview [1]
  • multi-bridge mode
    • configuring using deployment wizard [1]
    • initial configuration using the deployment wizard [1]
    • initial deployment using deployment wizard [1]
  • navigating
    • management console [1]
  • network
    • services diagnostics, system maintenance [1]
  • network connections
    • configuring for Virtual Analyzer [1]
  • Network Content Correlation Pattern [1]
  • Network Content Inspection Engine (Linux, User mode, 64-bit) [1]
  • Network Content Inspection Pattern [1]
  • network environment
    • recommended [1]
  • network is down
    • critical alerts [1]
    • parameters for alert [1]
  • network is up
    • important alerts [1]
    • parameters for alert [1]
  • network objects
    • managing [1]
    • selecting as traffic sources for policies [1]
    • viewing, adding, editing, importing/exporting, removing [1]
  • network packet capture
    • system maintenance [1]
  • network packet captures
    • capturing and downloading [1]
  • network services diagnostics
    • system maintenance [1]
  • network setting
    • ports used for each deployment mode [1]
  • network settings
    • configuring [1]
  • network topology
    • forward proxy mode [1]
    • LACP [1]
    • multi-bridge mode [1]
    • overview of deployment modes [1]
    • transparent bridge [1]
    • transparent bridge mode [1] [2]
    • transparent bridge mode with trunk links [1]
    • transparent bridge mode with trunks [1]
    • transparent HA [1]
    • transparent HA mode [1]
    • transparent HA mode with trunk links [1] [2]
  • network topology with LACP
    • deployments [1]
  • network topology with trunk links
    • transparent HA mode [1]
  • network topology with trunks
    • transparent bridge [1]
  • network types
    • Virtual Analyzer [1]
    • Virtual Analyzer, custom network, management network, no access [1]
  • new features and enhancements [1] [2]
  • no access
    • Virtual Analyzer network type [1]
  • no network access
    • configuring for Virtual Analyzer network connections [1]
  • notifications
    • adding Active Directory users for [1]
    • adding contacts for receiving [1]
    • configuring for alert rules [1]
    • configuring SMTP server for [1]
    • editing [1]
    • list of message tokens [1]
    • list of user [1]
    • managing [1]
    • parameters for alert [1]
    • parameters for critical alerts [1]
    • parameters for important and informational alerts [1]
    • viewing and editing [1]
  • NTP servers
    • configuring [1]
  • objects
    • investigating detection details about [1]
    • list of detection details [1]
  • on demand
  • on-demand
  • on-demand reports [1]
  • opening
    • management console [1]
  • operator accounts
  • ordering
    • Active Directory Services authentication policies [1]
    • HTTPS decryption rules [1]
    • policies [1]
  • other
    • detected by [1]
  • overall
    • statuses, Virtual Analyzer [1]
  • overview
    • about viewing detections [1]
    • audit logs [1]
    • authentication using Captive Portal [1]
    • Deep Discovery Web Inspector [1]
    • default policy [1]
    • detection risk levels [1]
    • domain objects [1]
    • features and benefits [1]
    • hotfixes and patches [1]
    • how patient zero protection works [1]
    • HTTPS decryption rules [1]
    • HTTPS domain tunnels [1] [2]
    • HTTPS inspection [1]
    • HTTPS tunnels [1]
    • intelligent decryption [1]
    • network objects [1]
    • of integration with Apex Central [1]
    • of integration with Deep Discovery Director [1]
    • policies [1] [2]
    • threat intelligence sharing [1]
    • viewing suspicious objects [1]
    • Virtual Analyzer, image preparation [1]
  • packet capture
    • See network packet capture
  • parameters
    • critical alerts [1]
    • for alert notifications [1]
    • for important and informational alerts [1]
    • for syslog server profile, content format [1]
  • passwords
    • changing [1] [2]
    • changing when editing account settings [1]
  • patches
  • patient zero
    • See patient zero protection
  • patient zero protection
    • benefits of [1]
    • definition [1]
    • how it works [1]
    • sandbox analysis, how it works with [1]
    • Virtual Analyzer, how it works with [1]
  • Patient Zero Protection
    • enabling for policies [1]
  • pattern
    • adding custom pattern for intelligent decryption [1]
  • policies
    • adding [1]
    • adding, viewing, modifying, duplicating, removing, and ordering [1]
    • benefit of enabling patient zero protection [1]
    • bypass/redirect, priorities and precedence [1]
    • configuring bypass [1] [2]
    • configuring bypass/redirect [1]
    • configuring iOS/Android device bypass [1]
    • configuring redirect [1] [2]
    • default policy [1] [2] [3]
    • enabling or disabling [1] [2]
    • enabling Patient Zero Protection [1]
    • how exception lists are used [1]
    • how they work [1]
    • managing [1]
    • managing Active Directory Services authentication [1]
    • managing bypass/redirect [1]
    • overview [1]
    • traffic source exceptions [1]
    • viewing [1]
    • what it means to enable patient zero protection [1]
    • what you can do from the policy menu [1]
  • policy [1]
  • policy management
    • benefits of easy-to-use [1]
  • policy rules
    • See policies
  • ports [1]
    • used by appliance [1]
    • used for each deployment mode [1]
  • pre-deployment
    • Apex Central [1]
    • browser and system requirements [1]
    • considerations [1]
    • deployment mode overview [1]
    • enabling and starting SSH service [1]
    • items to prepare [1] [2]
    • ports used by appliance [1]
    • recommended network environment [1]
    • tasks [1]
  • Predictive Machine Learning
    • detected by [1]
  • Predictive Machine Learning Pattern [1]
  • Predictive Web Pre-Filter Pattern [1]
  • preparing
    • for deployment, Apex Central [1]
    • for deployment, ports used by appliance [1]
    • items for deployment [1]
  • preparing for deployment [1]
  • product
    • license description [1]
    • license statuses [1]
  • product license [1]
  • product updates
    • hotfixes and patches overview [1]
  • product upgrades
    • managing patches [1]
    • updating firmware [1]
  • protocols
    • Bandwidth Status widget [1]
    • Connection Status widget [1]
    • Traffic Status widget [1]
  • proxy setting
    • what is affected by [1]
  • proxy settings
    • configuring [1]
  • queue
    • Virtual Analyzer Queue widget [1]
  • ransomware
    • Ransomware Detections Over Time widget [1]
    • threat indicator [1]
  • ransomware detected in specified network groups
    • critical alerts [1]
    • parameters for alert [1]
  • RAT [1]
  • recipients
    • for on-demand reports [1]
    • for scheduled reports [1]
    • managing [1]
  • recommendations
    • network environment [1]
  • redirect
    • policies, configuring [1]
  • redirect policies
    • configuring [1]
    • configuring for bridge mode [1]
    • managing [1]
    • priorities and precedence [1]
  • registering
    • Apex Central [1]
  • removing
    • Active Directory Services authentication policies [1]
    • Active Directory Services domains [1]
    • domain objects [1]
    • HTTPS decryption rules [1]
    • network objects [1]
    • policies [1]
  • replicate settings
    • across devices using backups [1]
  • reports [1]
    • adding Active Directory users for [1]
    • adding contacts for receiving [1]
    • contacts for receiving [1]
    • on demand [1] [2]
    • on-demand reports [1]
    • scheduled reports [1]
    • scheduling [1]
    • time intervals for scheduled reports [1]
  • required tasks
    • you must perform to get started [1]
  • requirements
    • deployment [1]
    • enabling and starting SSH service [1]
    • multi-bridge [1]
    • pre-deployment [1]
    • SSH access [1]
    • transparent bridge with trunk links [1]
    • transparent HA [1]
  • resetting
    • notifications to default [1]
  • resetting to default
    • notifications [1]
  • restore [1] [2]
  • restoring configuration
    • using backups [1]
  • risk levels [1]
    • how assessed [1]
    • overview [1]
    • Virtual Analyzer [1]
  • role-based access
    • adding accounts for [1]
  • roles
    • classifications for accounts [1]
  • rollback
    • components [1]
  • rolling back
    • hotfixes and patches [1]
  • sandbox analysis
    • benefits of [1]
  • sandbox images
    • viewing status for Virtual Analyzer [1]
    • Virtual Analyzer, deleting [1]
    • Virtual Analyzer, importing [1]
    • Virtual Analyzer, importing from HTTP or FTP server [1]
    • Virtual Analyzer, importing from local source [1]
    • Virtual Analyzer, names of [1]
    • Virtual Analyzer, preparation of [1]
    • Virtual Analyzer scanning using [1]
  • scanning
    • suspicious objects by Virtual Analyzer [1] [2]
  • scheduled reports [1]
    • scheduling [1]
  • schedule updates [1]
  • scheduling
  • Script Analyzer Pattern [1]
  • search filters
    • advanced, applying a saved filter [1]
    • advanced, creating and editing [1]
    • detections, basic [1] [2]
  • security patches
  • services
    • adding domains to Active Directory Services [1]
    • affected by proxy settings [1]
    • authentication using Active Directory Services [1]
  • service stopped/abnormal
    • critical alerts [1]
    • parameters for alert [1]
  • settings
    • managing user-defined [1]
  • setting up
    • hardware for deployment [1]
  • shell environment [1]
  • smart protection [1]
    • Web Reputation Services [1]
  • Smart Scan Agent Pattern [1]
  • SMTP
    • notification server, configuring [1]
  • Spyware/Grayware Pattern [1]
  • SSH
    • enabling and starting service [1]
    • requirements for access using [1]
  • SSH service
    • enabling and starting [1]
  • starting
    • SSH service [1]
  • static routes
    • adding [1]
    • adding, viewing, or deleting [1]
    • managing [1]
  • statuses
    • license [1]
    • viewing information about Deep Discovery Director integration [1]
    • Virtual Analyzer, for each image [1]
    • Virtual Analyzer, list of overall [1]
    • Virtual Analyzer, viewing [1]
  • storage logs
    • configuring for deletion settings for [1]
  • storage maintenance
    • configuring log deletion settings [1]
  • support
    • how LACP works with Deep Discovery Web Inspector [1]
    • resolve issues faster [1]
  • suspicious
    • domain objects [1]
  • suspicious documents
    • threat indicator [1]
  • suspicious file
  • suspicious IP address
  • suspicious malware
    • threat indicator [1]
  • suspicious objects
    • domains [1]
    • file [1]
    • investigating detection details [1]
    • IP addresses [1]
    • list of detection details [1]
    • overview about viewing [1]
    • patient zero protection with Virtual Analyzer [1]
    • support for synchronizing with Apex Central [1]
    • support for synchronizing with Deep Discovery Director [1]
    • Suspicious Objects from Virtual Analyzer widget [1]
    • synchronize with Apex Central [1]
    • URLs [1]
    • viewing synchronized suspicious objects [1]
    • Virtual Analyzer scanning of [1] [2]
  • suspicious objects analysis (Virtual Analyzer)
    • detected by [1]
  • suspicious objects filtering (Virtual Analyzer)
    • detected by [1]
  • Suspicious Objects from Virtual Analyzer
  • suspicious scripts
    • threat indicator [1]
  • suspicious URL
    • objects [1]
    • threat indicator [1]
  • synchronize
    • suspicious objects using Apex Central [1]
  • synchronized suspicious objects
    • synchronized from Apex Central [1]
    • synchronized from Deep Discovery Director [1]
  • synchronizing
    • Active Directory Services domains [1]
    • suspicious objects with Apex Central [1]
    • suspicious objects with Deep Discovery Director [1]
  • syslog server
    • sending access logs to a [1]
    • sending detection violation logs to a [1]
  • syslog server profile
    • content format parameters [1]
  • syslog servers
    • adding detection [1]
  • system maintenance
    • administration [1]
    • backing up or restoring a configuration [1]
    • bypass/redirect policy priorities and precedence [1]
    • configuring bypass/redirect policies [1]
    • configuring bypass policies [1]
    • configuring debug log levels [1]
    • configuring redirect policies [1]
    • configuring storage log deletion settings [1]
    • enabling/disabling bypass mode [1]
    • exporting and downloading debug files [1]
    • exporting debug or error logs [1]
    • network packet capture [1] [2]
    • network services diagnostics [1]
    • testing network connections [1]
  • system requirements
    • deployment [1]
    • enabling and starting SSH service [1]
    • pre-deployment [1]
  • system settings
    • adding static routes [1]
    • configuring network settings [1]
    • configuring notification SMTP server [1]
    • configuring proxy settings [1]
    • configuring system time [1]
    • configuring X-Header handling settings [1]
    • list of what is configured in [1]
    • managing authentication certificates [1]
    • managing static routes [1]
  • System Status
    • dashboard tab [1]
  • System Status tab
    • Bandwidth Status widget [1]
    • Connection Status widget [1]
    • Hardware Status widget [1]
    • Traffic Status widget [1]
  • system time
    • configuring [1]
  • tab
    • System Status [1]
    • Threat Monitoring [1]
    • Virtual Analyzer [1]
  • tabs [1]
    • adding widgets to [1]
    • settings [1]
    • System Status tab [1]
    • tasks [1]
    • Threat Monitoring tab [1]
    • Virtual Analyzer tab [1]
  • tasks
    • additional, you must perform to get started [1]
    • getting started [1]
    • pre-deployment [1]
    • tabs [1]
  • threat indicators
    • classifications for detection [1]
    • detection [1]
  • threat intelligence data file
    • download and view [1]
  • threat intelligence sharing
    • consideration when used with Apex Central [1]
    • consideration when used with Deep Discovery Director [1]
    • overview [1]
  • threat intelligence sharing settings
    • configuring [1]
  • threat landscapes
    • introduction [1]
  • Threat Monitoring
    • dashboard tab [1]
  • Threat Monitoring tab
    • Advanced Threat Indicators widget [1]
    • C&C Callback Detections Over Time widget [1]
    • Ransomware Detections Over Time widget [1]
    • Top Affected Users widget [1]
    • Top Detected URLs widget [1]
    • Virtual Analyzer Sandbox Analysis widget [1]
  • throughput
    • maximum expected for each appliance model [1]
  • time
    • manually setting [1]
  • timezone
    • configuring [1]
  • tokens
    • notification, list of [1]
  • Top Affected Users
  • Top Detected URLs
  • topology
    • transparent bridge [1]
    • transparent bridge with trunk links [1]
  • traffic
    • Traffic Status widget [1]
  • traffic source exceptions
  • traffic sources
    • how used in policies [1]
    • selecting for policies [1]
  • Traffic Status
  • transparent bridge
    • deployment mode, topology overview [1]
    • mode overview [1]
    • overview [1]
    • requirements [1]
    • with trunks, mode overview [1]
    • with trunks, overview [1]
  • transparent bridge mode
    • accessing the deployment wizard to deploy [1]
    • configuring using deployment wizard [1]
    • initial configuration using the deployment wizard [1]
    • initial deployment using deployment wizard [1]
    • using the deployment wizard to deploy [1]
  • transparent bridge mode with LACP
    • adding second bypass adapter for [1] [2]
  • transparent bridge with trunk links
    • mode overview [1]
  • transparent bridge with trunks
    • mode overview [1]
  • transparent HA
    • deployment mode, topology overview [1]
    • mode overview [1] [2]
    • requirements [1]
    • with trunk links, mode overview [1]
  • transparent HA mode
    • configuring using deployment wizard [1]
    • initial configuration using the deployment wizard [1]
    • initial deployment using deployment wizard [1]
    • multi-bridge mode
      • using the deployment wizard to deploy [1]
    • network topology [1]
    • using the deployment wizard to deploy [1]
    • with trunk links, network topology [1]
  • transparent HA mode with LACP
    • adding second bypass adapter for [1] [2]
  • transparent HA with trunk links
  • triggered alerts
    • managing [1]
    • overview [1]
    • viewing [1]
    • viewing, deleting, or exporting [1]
  • true file type
    • detected by [1]
  • trusted
    • digital certificates [1]
    • digital certificates, information about [1]
  • trusted CA certificates
  • tunnels
    • purpose for HTTPS domain [1]
    • viewing HTTPS [1]
  • unregistering
    • Apex Central [1]
  • untrusted
    • digital certificates [1]
    • digital certificates, information about [1]
  • untrusted CA certificates
  • untrusted server certificate
    • detected by [1]
  • update/rollback successfully completed
    • informational alerts [1]
    • parameters for alert [1]
  • updateable components
  • updating
  • URL filtering
    • detected by [1]
  • URL Filtering Engine [1]
  • URLs
    • suspicious objects found by Virtual Analyzer [1]
    • Top Detected URLs widget [1]
    • viewing detections [1]
  • user
    • notifications, list of [1]
  • user defined settings
  • user-defined settings
    • managing [1]
    • managing approved/blocked lists [1]
    • managing domain objects [1]
    • managing network objects [1]
    • managing notifications [1]
  • user notifications
    • list of [1]
    • list of message tokens [1]
  • users
    • Top Affected Users widget [1]
    • viewing detections for affected [1]
  • users and groups
    • selecting as traffic sources for policies [1]
  • using
    • Command Line Interface [1]
  • utilization
    • Virtual Analyzer images [1]
  • version
    • finding in license description [1] [2]
  • viewing
    • Active Directory Services authentication policies [1]
    • Active Directory Services domains [1]
    • all detections [1]
    • all detections with search filters [1]
    • approved/blocked lists [1]
    • audit logs [1]
    • bypass/redirect policies [1]
    • certificate exceptions [1]
    • detections for affected users [1]
    • detections for files [1]
    • detections for URLs [1]
    • detection viewing overview [1]
    • digital certificates [1]
    • domain objects [1]
    • HTTPS decryption rules [1] [2]
    • HTTPS domain tunnels [1]
    • HTTPS tunnel exceptions [1]
    • inactive CA certificates [1]
    • information about CA used to resign [1]
    • network objects [1]
    • notifications [1]
    • policies [1] [2]
    • product information using about screen [1]
    • product licenses [1]
    • suspicious objects, overview [1]
    • synchronized suspicious objects [1]
    • triggered alerts [1]
    • trusted CA certificates [1]
    • untrusted CA certificates [1]
    • Virtual Analyzer status [1]
  • violation logs
    • sending to a syslog server [1]
  • virtual analyzer
    • importing images for internal [1]
  • Virtual Analyzer
    • administration [1]
    • benefit of enabling patient zero protection [1]
    • benefits of sandbox analysis [1]
    • configuring network settings for [1]
    • dashboard tab [1]
    • deleting images [1]
    • detections of suspicious objects [1]
    • external integration with Deep Discovery Analyzer [1]
    • image preparation overview [1] [2]
    • image status and information [1]
    • importing images [1]
    • importing images from HTTP or FTP server [1]
    • importing images from local source [1]
    • integration with Deep Discovery Analyzer [1]
    • management [1]
    • modifying instances [1]
    • network types [1]
    • overall statuses [1]
    • patient zero protection during sandbox analysis [1]
    • risk levels [1]
    • suspicious domain objects found by [1]
    • suspicious file objects found by [1]
    • suspicious IP address objects found by [1]
    • suspicious object scanning overview [1] [2]
    • suspicious URL objects found by [1]
    • viewing image information [1]
    • viewing status [1]
    • Virtual Analyzer Average Processing Time widget [1]
    • Virtual Analyzer Queue widget [1]
    • Virtual Analyzer Sandbox Analysis widget [1]
  • Virtual Analyzer Average Processing Time
  • Virtual Analyzer Configuration Pattern [1]
  • Virtual Analyzer Queue
  • Virtual Analyzer Sandbox Analysis
  • Virtual Analyzer Sensors [1]
  • Virtual Analyzer Status tab
    • Suspicious Objects from Virtual Analyzer widget [1]
    • Virtual Analyzer Average Processing Time widget [1]
    • Virtual Analyzer Queue widget [1]
  • VSAPI [1]
  • web reputation [1]
  • web reputation service
    • detected by [1]
  • widgets [1] [2]
    • adding to tabs [1]
    • Advanced Threat Indicators widget [1]
    • Bandwidth Status widget [1]
    • C&C Callback Detections Over Time widget [1]
    • Connection Status widget [1]
    • displayed by default [1]
    • Hardware Status widget [1]
    • in System Status tab [1]
    • in Threat Monitoring tab [1]
    • in Virtual Analyzer tab [1]
    • list of [1]
    • managing [1]
    • Ransomware Detections Over Time [1]
    • Ransomware Detections Over Time widget [1]
    • Suspicious Objects from Virtual Analyzer widget [1]
    • system status
      • Bandwidth Status [1]
      • Traffic Status [1]
    • System Status tab
      • Connection Status widget [1]
      • Hardware Status widget [1]
    • tasks you can perform on [1]
    • Threat Monitoring tab
      • Advanced Threat Indicators widget [1]
      • C&C Callback Detections Over Time widget [1]
      • Ransomware Detections Over Time widget [1]
      • Top Affected Users widget [1]
      • Top Detected URLs widget [1]
      • Virtual Analyzer Sandbox Analysis widget [1]
    • Top Affected Users [1]
    • Top Detected URLs widget [1]
    • Traffic Status widget [1]
    • Virtual Analyzer Average Processing Time widget [1]
    • Virtual Analyzer Queue widget [1]
    • Virtual Analyzer Sandbox Analysis widget [1]
    • Virtual Analyzer Status tab
      • Suspicious Objects from Virtual Analyzer widget [1]
      • Virtual Analyzer Average Processing Time widget [1]
      • Virtual Analyzer Queue widget [1]
  • Windows Servers
    • supported for configuring Active Directory Services [1]
  • X-Authenticated-User settings
    • configuring [1]
  • XFF settings
    • configuring [1]
  • X-Forwarded-For settings
    • configuring [1]
  • X-Header handling settings
    • configuring [1]

Threat Indicator Classifications

The following table explains the threat indicators detected during scanning or analysis. View the table to understand the malicious activity affecting your network.

Threat Indicator Classifications

| Threat Indicator | Classification |
|---|---|
| Ransomware | Malware that limits user access to a system, either by locking the user out of the system or by encrypting the user's files, unless a ransom is paid. |
| Coin Miners | Malware used by attackers for cryptocurrency mining. |
| C&C Callbacks | Communication with Command and Control (C&C) servers, which are used to remotely send commands to, download malicious content to, or exfiltrate data from infected clients. |
| Suspicious Malware | Malicious software used by attackers to disrupt, control, steal, cause data loss, spy upon, or gain unauthorized access to computer systems. Detections are included in this category if they are not included in the Suspicious Documents or Suspicious Scripts indicator categories. |
| Suspicious URLs | A domain or URL that links to an unknown malicious website. |
| Suspicious Documents | High-risk detections for Office and PDF documents. |
| Suspicious Scripts | High-risk detections for script files that exhibit malicious characteristics. Script files include HTML, HTML application, JavaScript, Java jar/class, VB, Windows shell/script, BAT, and SVG files. |
Important
Always handle suspicious files with caution.