-
Go to Threat Intelligence > Sharing Settings > Web Service.
The Web Service screen appears.
- Select Enable web service to allow integrated products/services to obtain information from Deep Discovery Director.
- (Optional) By default, Deep Discovery Director (Internal Network Analytics Version) shares threat intelligence data only through HTTPS web service. To additionally enable threat intelligence data through HTTP, select Share information using HTTP (in addition to HTTPS) and specify the HTTP server port number.
- Select which objects to include in the threat intelligence data file.
-
Select the risk level of the objects to be included in the threat intelligence
data file.
The objects appear in the generated file under the following categories.
Table 1. Object Categories in Generated File Object
Category in Generated File
Synchronized Suspicious Objects
DDD_so_list
User-Defined Suspicious Objects
DDD_so_list
C&C Callback Addresses
DDD_cnc_callback_addresses_list
Malicious URL detected by Web Reputation Service from integrated product
DDD_wrs_list
- Select the frequency at which objects should be shared.
- Click Save.
-
(Optional) Click Generate Now.
Note:
After the file generation is successful, you can click the URL to download the threat intelligence data file to view the content.
- Configure an integrated product/service (for example, Blue Coat ProxySG device) to obtain threat intelligence data from Deep Discovery Director (Internal Network Analytics Version). For more information, see the documentation for the integrated product/service.
Parent topic: Web Service