Views:

Procedure

  1. Go to Threat IntelligenceSharing SettingsWeb Service.
    The Web Service screen appears.
  2. Select Enable web service to allow integrated products/services to obtain information from Deep Discovery Director.
  3. (Optional) By default, Deep Discovery Director (Consolidated Mode) shares threat intelligence data only through HTTPS web service. To additionally enable threat intelligence data through HTTP, select Share information using HTTP (in addition to HTTPS) and specify the HTTP server port number.
  4. Select which objects to include in the threat intelligence data file.
  5. Select the risk level of the objects to be included in the threat intelligence data file.
    The objects appear in the generated file under the following categories.

    Object Categories in Generated File

    Object
    Category in Generated File
    Synchronized Suspicious Objects
    DDD_so_list
    User-Defined Suspicious Objects
    DDD_so_list
    C&C Callback Addresses
    DDD_cnc_callback_addresses_list
    Malicious URL detected by Web Reputation Service from integrated product
    DDD_wrs_list
  6. Select the frequency at which objects should be shared.
  7. Click Save.
  8. (Optional) Click Generate Now.
    Note
    Note
    After the file generation is successful, you can click the URL to download the threat intelligence data file to view the content.
  9. Configure an integrated product/service (for example, Blue Coat ProxySG device) to obtain threat intelligence data from Deep Discovery Director (Consolidated Mode). For more information, see the documentation for the integrated product/service.