Views:
You can configure lists of registered services that help you manage analysis of Deep Discovery Director - Network Analytics correlation data.
Tip
Tip
Servers in the following registered lists and any interactions with them are not included in the information displayed in the Correlation Data screen.
  • HTTP Proxy - Transparent
  • HTTP Proxy - Explicit
  • High Traffic Server List
  • High Traffic Client List
Trend Micro recommends adding entries to these lists. By reducing false positive correlations, you can more easily identify malicious event histories that require a response.

Procedure

  1. From the Deep Discovery Director management console, access the Settings screen.
    Accessing the Settings Screen
  2. In the left pane, select Registered Services.
  3. From the Type menu, select the desired registered service type and enter the IP address information for the server offering the service.
    After you choose a type, you can click the info icon for a brief description of that service type.
    • You can add one or more IPv4 or IPv6 addresses to each registered service list.
    • You can add a server IP address to more than one registered service list.
    For example, add a security audit server's IP address to the High Traffic Client List and a domain controller's IP address to the High Traffic Server List to reduce false-positive correlations.
  4. Click Add.
Keywords: configuring registered services lists,use registered services lists to configure,configuring registered,configuring,registered services lists,configuring registered services lists from the